Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-15652 (GCVE-0-2020-15652)
Vulnerability from cvelistv5
Published
2020-08-10 17:43
Modified
2024-08-04 13:22
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Potential leak of redirect targets when loading scripts in a worker
Summary
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.
References
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | Mozilla | Firefox |
Version: unspecified < 79 |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T13:22:30.541Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2020-30/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2020-35/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2020-32/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2020-33/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2020-31/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1634872"
},
{
"name": "openSUSE-SU-2020:1179",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00022.html"
},
{
"name": "openSUSE-SU-2020:1189",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.html"
},
{
"name": "openSUSE-SU-2020:1205",
"tags": [
"vendor-advisory",
"x_refsource_SUSE",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00032.html"
},
{
"name": "USN-4443-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4443-1/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Firefox",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "79",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Firefox ESR",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "68.11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "78.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
},
{
"product": "Thunderbird",
"vendor": "Mozilla",
"versions": [
{
"lessThan": "68.11",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
},
{
"lessThan": "78.1",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Potential leak of redirect targets when loading scripts in a worker",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-18T13:06:13",
"orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"shortName": "mozilla"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2020-30/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2020-35/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2020-32/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2020-33/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.mozilla.org/security/advisories/mfsa2020-31/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1634872"
},
{
"name": "openSUSE-SU-2020:1179",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00022.html"
},
{
"name": "openSUSE-SU-2020:1189",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.html"
},
{
"name": "openSUSE-SU-2020:1205",
"tags": [
"vendor-advisory",
"x_refsource_SUSE"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00032.html"
},
{
"name": "USN-4443-1",
"tags": [
"vendor-advisory",
"x_refsource_UBUNTU"
],
"url": "https://usn.ubuntu.com/4443-1/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@mozilla.org",
"ID": "CVE-2020-15652",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Firefox",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "79"
}
]
}
},
{
"product_name": "Firefox ESR",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "68.11"
},
{
"version_affected": "\u003c",
"version_value": "78.1"
}
]
}
},
{
"product_name": "Thunderbird",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "68.11"
},
{
"version_affected": "\u003c",
"version_value": "78.1"
}
]
}
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Potential leak of redirect targets when loading scripts in a worker"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.mozilla.org/security/advisories/mfsa2020-30/",
"refsource": "MISC",
"url": "https://www.mozilla.org/security/advisories/mfsa2020-30/"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2020-35/",
"refsource": "MISC",
"url": "https://www.mozilla.org/security/advisories/mfsa2020-35/"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2020-32/",
"refsource": "MISC",
"url": "https://www.mozilla.org/security/advisories/mfsa2020-32/"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2020-33/",
"refsource": "MISC",
"url": "https://www.mozilla.org/security/advisories/mfsa2020-33/"
},
{
"name": "https://www.mozilla.org/security/advisories/mfsa2020-31/",
"refsource": "MISC",
"url": "https://www.mozilla.org/security/advisories/mfsa2020-31/"
},
{
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1634872",
"refsource": "MISC",
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1634872"
},
{
"name": "openSUSE-SU-2020:1179",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00022.html"
},
{
"name": "openSUSE-SU-2020:1189",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.html"
},
{
"name": "openSUSE-SU-2020:1205",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00032.html"
},
{
"name": "USN-4443-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4443-1/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
"assignerShortName": "mozilla",
"cveId": "CVE-2020-15652",
"datePublished": "2020-08-10T17:43:24",
"dateReserved": "2020-07-10T00:00:00",
"dateUpdated": "2024-08-04T13:22:30.541Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2020-15652\",\"sourceIdentifier\":\"security@mozilla.org\",\"published\":\"2020-08-10T18:15:12.297\",\"lastModified\":\"2024-11-21T05:05:56.907\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.\"},{\"lang\":\"es\",\"value\":\"Al observar el seguimiento de la pila de errores de JavaScript en los trabajadores web, fue posible filtrar el resultado de un redireccionamiento de origen cruzado. Esto se aplica solo al contenido que puede ser analizado como script. Esta vulnerabilidad afecta a Firefox versiones anteriores a 79, Firefox ESR versiones anteriores a 68.11, Firefox ESR versiones anteriores a 78.1, Thunderbird versiones anteriores a 68.11 y Thunderbird versiones anteriores a 78.1\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:P/I:N/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-346\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"79.0\",\"matchCriteriaId\":\"89415068-6F07-4D38-9BE8-EAC175A310DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"78.0\",\"versionEndExcluding\":\"78.1\",\"matchCriteriaId\":\"B7C6EE7F-C0DA-4347-8AC6-35309751B93C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:firefox_esr:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"68.11\",\"matchCriteriaId\":\"A0267D9C-02C0-4057-AFBC-C14B11792AB2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"68.11\",\"matchCriteriaId\":\"73C27FBD-A24E-4084-941F-A033A922268A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:mozilla:thunderbird:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"78.0\",\"versionEndExcluding\":\"78.1\",\"matchCriteriaId\":\"D7CB2793-FCE0-4769-AFD4-4FF1CAB472C3\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"902B8056-9E37-443B-8905-8AA93E2447FB\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00022.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00032.html\",\"source\":\"security@mozilla.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1634872\",\"source\":\"security@mozilla.org\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4443-1/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-30/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-31/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-32/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-33/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-35/\",\"source\":\"security@mozilla.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00025.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-08/msg00032.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://bugzilla.mozilla.org/show_bug.cgi?id=1634872\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Vendor Advisory\"]},{\"url\":\"https://usn.ubuntu.com/4443-1/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-30/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-31/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-32/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-33/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.mozilla.org/security/advisories/mfsa2020-35/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}"
}
}
rhsa-2020:3345
Vulnerability from csaf_redhat
Published
2020-08-06 09:51
Modified
2025-08-02 10:52
Summary
Red Hat Security Advisory: thunderbird security update
Notes
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 68.11.0.
Security Fix(es):
* chromium-browser: Use after free in ANGLE (CVE-2020-6463)
* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)
* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)
* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for thunderbird is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 68.11.0.\n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in ANGLE (CVE-2020-6463)\n\n* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)\n\n* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)\n\n* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3345",
"url": "https://access.redhat.com/errata/RHSA-2020:3345"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3345.json"
}
],
"title": "Red Hat Security Advisory: thunderbird security update",
"tracking": {
"current_release_date": "2025-08-02T10:52:47+00:00",
"generator": {
"date": "2025-08-02T10:52:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:3345",
"initial_release_date": "2020-08-06T09:51:23+00:00",
"revision_history": [
{
"date": "2020-08-06T09:51:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-08-06T09:51:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-02T10:52:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el6_10.i686",
"product": {
"name": "thunderbird-0:68.11.0-1.el6_10.i686",
"product_id": "thunderbird-0:68.11.0-1.el6_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el6_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"product": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"product_id": "thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@68.11.0-1.el6_10?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el6_10.x86_64",
"product": {
"name": "thunderbird-0:68.11.0-1.el6_10.x86_64",
"product_id": "thunderbird-0:68.11.0-1.el6_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el6_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"product_id": "thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@68.11.0-1.el6_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el6_10.src",
"product": {
"name": "thunderbird-0:68.11.0-1.el6_10.src",
"product_id": "thunderbird-0:68.11.0-1.el6_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el6_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el6_10.ppc64",
"product": {
"name": "thunderbird-0:68.11.0-1.el6_10.ppc64",
"product_id": "thunderbird-0:68.11.0-1.el6_10.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el6_10?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"product": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"product_id": "thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@68.11.0-1.el6_10?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el6_10.s390x",
"product": {
"name": "thunderbird-0:68.11.0-1.el6_10.s390x",
"product_id": "thunderbird-0:68.11.0-1.el6_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el6_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"product": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"product_id": "thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@68.11.0-1.el6_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686"
},
"product_reference": "thunderbird-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "thunderbird-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "thunderbird-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el6_10.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.src"
},
"product_reference": "thunderbird-0:68.11.0-1.el6_10.src",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "thunderbird-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686"
},
"product_reference": "thunderbird-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "thunderbird-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "thunderbird-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el6_10.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.src"
},
"product_reference": "thunderbird-0:68.11.0-1.el6_10.src",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "thunderbird-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686"
},
"product_reference": "thunderbird-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "thunderbird-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "thunderbird-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el6_10.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.src"
},
"product_reference": "thunderbird-0:68.11.0-1.el6_10.src",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "thunderbird-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-6.10.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-6463",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1840893"
}
],
"notes": [
{
"category": "description",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Use after free in ANGLE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "RHBZ#1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6463",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html",
"url": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html"
}
],
"release_date": "2020-04-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T09:51:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3345"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Use after free in ANGLE"
},
{
"cve": "CVE-2020-6514",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857349"
}
],
"notes": [
{
"category": "description",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Inappropriate implementation in WebRTC",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "RHBZ#1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6514",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6514"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T09:51:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3345"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Inappropriate implementation in WebRTC"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mikhail Oblozhikhin"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15652",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861570"
}
],
"notes": [
{
"category": "description",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Potential leak of redirect targets when loading scripts in a worker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "RHBZ#1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T09:51:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3345"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Potential leak of redirect targets when loading scripts in a worker"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mozilla developers and community"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15659",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861572"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "RHBZ#1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15659",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15659"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T09:51:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3345"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:thunderbird-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:thunderbird-debuginfo-0:68.11.0-1.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11"
}
]
}
rhsa-2020:3233
Vulnerability from csaf_redhat
Published
2020-07-29 22:47
Modified
2025-08-02 10:51
Summary
Red Hat Security Advisory: firefox security update
Notes
Topic
An update for firefox is now available for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 68.11.0 ESR.
Security Fix(es):
* chromium-browser: Use after free in ANGLE (CVE-2020-6463)
* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)
* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)
* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for firefox is now available for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 68.11.0 ESR.\n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in ANGLE (CVE-2020-6463)\n\n* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)\n\n* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)\n\n* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3233",
"url": "https://access.redhat.com/errata/RHSA-2020:3233"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/"
},
{
"category": "external",
"summary": "1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3233.json"
}
],
"title": "Red Hat Security Advisory: firefox security update",
"tracking": {
"current_release_date": "2025-08-02T10:51:47+00:00",
"generator": {
"date": "2025-08-02T10:51:47+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:3233",
"initial_release_date": "2020-07-29T22:47:04+00:00",
"revision_history": [
{
"date": "2020-07-29T22:47:04+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-07-29T22:47:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-02T10:51:47+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::computenode"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.10.z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:6::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el6_10.i686",
"product": {
"name": "firefox-0:68.11.0-1.el6_10.i686",
"product_id": "firefox-0:68.11.0-1.el6_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el6_10?arch=i686"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"product_id": "firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el6_10?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el6_10.x86_64",
"product": {
"name": "firefox-0:68.11.0-1.el6_10.x86_64",
"product_id": "firefox-0:68.11.0-1.el6_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el6_10?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"product_id": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el6_10?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el6_10.src",
"product": {
"name": "firefox-0:68.11.0-1.el6_10.src",
"product_id": "firefox-0:68.11.0-1.el6_10.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el6_10?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el6_10.ppc64",
"product": {
"name": "firefox-0:68.11.0-1.el6_10.ppc64",
"product_id": "firefox-0:68.11.0-1.el6_10.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el6_10?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"product_id": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el6_10?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el6_10.s390x",
"product": {
"name": "firefox-0:68.11.0-1.el6_10.s390x",
"product_id": "firefox-0:68.11.0-1.el6_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el6_10?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"product_id": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el6_10?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:firefox-0:68.11.0-1.el6_10.i686"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:firefox-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.src as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:firefox-0:68.11.0-1.el6_10.src"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.src",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 6)",
"product_id": "6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Client-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Client-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Client-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Client-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.src as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.src",
"relates_to_product_reference": "6Client-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Client-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Client-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Client-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Client-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Desktop Optional (v. 6)",
"product_id": "6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Client-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.src as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.src",
"relates_to_product_reference": "6ComputeNode-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6ComputeNode-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6ComputeNode-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6ComputeNode-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux HPC Node Optional (v. 6)",
"product_id": "6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6ComputeNode-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:firefox-0:68.11.0-1.el6_10.i686"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:firefox-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.src as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:firefox-0:68.11.0-1.el6_10.src"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.src",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server (v. 6)",
"product_id": "6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Server-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.src as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.src",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 6)",
"product_id": "6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Server-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.i686"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.src as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.src"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.src",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 6)",
"product_id": "6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Workstation-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Workstation-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.src",
"relates_to_product_reference": "6Workstation-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "firefox-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"relates_to_product_reference": "6Workstation-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"relates_to_product_reference": "6Workstation-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"relates_to_product_reference": "6Workstation-optional-6.10.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 6)",
"product_id": "6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"relates_to_product_reference": "6Workstation-optional-6.10.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-6463",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1840893"
}
],
"notes": [
{
"category": "description",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Use after free in ANGLE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "RHBZ#1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6463",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html",
"url": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html"
}
],
"release_date": "2020-04-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-29T22:47:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3233"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Use after free in ANGLE"
},
{
"cve": "CVE-2020-6514",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857349"
}
],
"notes": [
{
"category": "description",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Inappropriate implementation in WebRTC",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "RHBZ#1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6514",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6514"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-29T22:47:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3233"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Inappropriate implementation in WebRTC"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mikhail Oblozhikhin"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15652",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861570"
}
],
"notes": [
{
"category": "description",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Potential leak of redirect targets when loading scripts in a worker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "RHBZ#1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-29T22:47:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3233"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Potential leak of redirect targets when loading scripts in a worker"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mozilla developers and community"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15659",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861572"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "RHBZ#1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15659",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15659"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-29T22:47:04+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3233"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Client-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Client-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6ComputeNode-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6ComputeNode-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Server-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Server-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.src",
"6Workstation-optional-6.10.z:firefox-0:68.11.0-1.el6_10.x86_64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.i686",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.ppc64",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.s390x",
"6Workstation-optional-6.10.z:firefox-debuginfo-0:68.11.0-1.el6_10.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11"
}
]
}
rhsa-2020:3229
Vulnerability from csaf_redhat
Published
2020-07-29 21:13
Modified
2025-08-02 10:52
Summary
Red Hat Security Advisory: firefox security update
Notes
Topic
An update for firefox is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 68.11.0 ESR.
Security Fix(es):
* chromium-browser: Use after free in ANGLE (CVE-2020-6463)
* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)
* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)
* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for firefox is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 68.11.0 ESR.\n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in ANGLE (CVE-2020-6463)\n\n* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)\n\n* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)\n\n* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3229",
"url": "https://access.redhat.com/errata/RHSA-2020:3229"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/"
},
{
"category": "external",
"summary": "1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3229.json"
}
],
"title": "Red Hat Security Advisory: firefox security update",
"tracking": {
"current_release_date": "2025-08-02T10:52:36+00:00",
"generator": {
"date": "2025-08-02T10:52:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:3229",
"initial_release_date": "2020-07-29T21:13:33+00:00",
"revision_history": [
{
"date": "2020-07-29T21:13:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-07-29T21:13:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-02T10:52:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.0::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el8_0.ppc64le",
"product": {
"name": "firefox-0:68.11.0-1.el8_0.ppc64le",
"product_id": "firefox-0:68.11.0-1.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el8_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:68.11.0-1.el8_0.ppc64le",
"product": {
"name": "firefox-debugsource-0:68.11.0-1.el8_0.ppc64le",
"product_id": "firefox-debugsource-0:68.11.0-1.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@68.11.0-1.el8_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"product_id": "firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el8_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el8_0.x86_64",
"product": {
"name": "firefox-0:68.11.0-1.el8_0.x86_64",
"product_id": "firefox-0:68.11.0-1.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el8_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:68.11.0-1.el8_0.x86_64",
"product": {
"name": "firefox-debugsource-0:68.11.0-1.el8_0.x86_64",
"product_id": "firefox-debugsource-0:68.11.0-1.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@68.11.0-1.el8_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el8_0.x86_64",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_0.x86_64",
"product_id": "firefox-debuginfo-0:68.11.0-1.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el8_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el8_0.src",
"product": {
"name": "firefox-0:68.11.0-1.el8_0.src",
"product_id": "firefox-0:68.11.0-1.el8_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el8_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.ppc64le"
},
"product_reference": "firefox-0:68.11.0-1.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el8_0.src as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.src"
},
"product_reference": "firefox-0:68.11.0-1.el8_0.src",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.x86_64"
},
"product_reference": "firefox-0:68.11.0-1.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.x86_64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:68.11.0-1.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.ppc64le"
},
"product_reference": "firefox-debugsource-0:68.11.0-1.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:68.11.0-1.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.x86_64"
},
"product_reference": "firefox-debugsource-0:68.11.0-1.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-6463",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1840893"
}
],
"notes": [
{
"category": "description",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Use after free in ANGLE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "RHBZ#1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6463",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html",
"url": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html"
}
],
"release_date": "2020-04-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-29T21:13:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3229"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Use after free in ANGLE"
},
{
"cve": "CVE-2020-6514",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857349"
}
],
"notes": [
{
"category": "description",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Inappropriate implementation in WebRTC",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "RHBZ#1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6514",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6514"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-29T21:13:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3229"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Inappropriate implementation in WebRTC"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mikhail Oblozhikhin"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15652",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861570"
}
],
"notes": [
{
"category": "description",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Potential leak of redirect targets when loading scripts in a worker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "RHBZ#1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-29T21:13:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3229"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Potential leak of redirect targets when loading scripts in a worker"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mozilla developers and community"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15659",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861572"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "RHBZ#1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15659",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15659"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-29T21:13:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3229"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:firefox-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:firefox-debugsource-0:68.11.0-1.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11"
}
]
}
rhsa-2020:3342
Vulnerability from csaf_redhat
Published
2020-08-06 07:09
Modified
2025-08-02 10:52
Summary
Red Hat Security Advisory: thunderbird security update
Notes
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 68.11.0.
Security Fix(es):
* chromium-browser: Use after free in ANGLE (CVE-2020-6463)
* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)
* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)
* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 68.11.0.\n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in ANGLE (CVE-2020-6463)\n\n* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)\n\n* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)\n\n* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3342",
"url": "https://access.redhat.com/errata/RHSA-2020:3342"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3342.json"
}
],
"title": "Red Hat Security Advisory: thunderbird security update",
"tracking": {
"current_release_date": "2025-08-02T10:52:25+00:00",
"generator": {
"date": "2025-08-02T10:52:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:3342",
"initial_release_date": "2020-08-06T07:09:36+00:00",
"revision_history": [
{
"date": "2020-08-06T07:09:36+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-08-06T07:09:36+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-02T10:52:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.1::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el8_1.x86_64",
"product": {
"name": "thunderbird-0:68.11.0-1.el8_1.x86_64",
"product_id": "thunderbird-0:68.11.0-1.el8_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el8_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64",
"product": {
"name": "thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64",
"product_id": "thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debugsource@68.11.0-1.el8_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64",
"product_id": "thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@68.11.0-1.el8_1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el8_1.ppc64le",
"product": {
"name": "thunderbird-0:68.11.0-1.el8_1.ppc64le",
"product_id": "thunderbird-0:68.11.0-1.el8_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el8_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le",
"product": {
"name": "thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le",
"product_id": "thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debugsource@68.11.0-1.el8_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"product": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"product_id": "thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@68.11.0-1.el8_1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el8_1.src",
"product": {
"name": "thunderbird-0:68.11.0-1.el8_1.src",
"product_id": "thunderbird-0:68.11.0-1.el8_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el8_1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.ppc64le"
},
"product_reference": "thunderbird-0:68.11.0-1.el8_1.ppc64le",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el8_1.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.src"
},
"product_reference": "thunderbird-0:68.11.0-1.el8_1.src",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.x86_64"
},
"product_reference": "thunderbird-0:68.11.0-1.el8_1.x86_64",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le"
},
"product_reference": "thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64"
},
"product_reference": "thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-6463",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1840893"
}
],
"notes": [
{
"category": "description",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Use after free in ANGLE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "RHBZ#1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6463",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html",
"url": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html"
}
],
"release_date": "2020-04-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T07:09:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3342"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Use after free in ANGLE"
},
{
"cve": "CVE-2020-6514",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857349"
}
],
"notes": [
{
"category": "description",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Inappropriate implementation in WebRTC",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "RHBZ#1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6514",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6514"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T07:09:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3342"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Inappropriate implementation in WebRTC"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mikhail Oblozhikhin"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15652",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861570"
}
],
"notes": [
{
"category": "description",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Potential leak of redirect targets when loading scripts in a worker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "RHBZ#1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T07:09:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3342"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Potential leak of redirect targets when loading scripts in a worker"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mozilla developers and community"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15659",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861572"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "RHBZ#1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15659",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15659"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T07:09:36+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3342"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:thunderbird-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:thunderbird-debugsource-0:68.11.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11"
}
]
}
rhsa-2020:3241
Vulnerability from csaf_redhat
Published
2020-07-30 07:40
Modified
2025-08-02 10:51
Summary
Red Hat Security Advisory: firefox security update
Notes
Topic
An update for firefox is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 68.11.0 ESR.
Security Fix(es):
* chromium-browser: Use after free in ANGLE (CVE-2020-6463)
* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)
* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)
* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for firefox is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 68.11.0 ESR.\n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in ANGLE (CVE-2020-6463)\n\n* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)\n\n* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)\n\n* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3241",
"url": "https://access.redhat.com/errata/RHSA-2020:3241"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/"
},
{
"category": "external",
"summary": "1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3241.json"
}
],
"title": "Red Hat Security Advisory: firefox security update",
"tracking": {
"current_release_date": "2025-08-02T10:51:55+00:00",
"generator": {
"date": "2025-08-02T10:51:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:3241",
"initial_release_date": "2020-07-30T07:40:54+00:00",
"revision_history": [
{
"date": "2020-07-30T07:40:54+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-07-30T07:40:54+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-02T10:51:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el8_2.ppc64le",
"product": {
"name": "firefox-0:68.11.0-1.el8_2.ppc64le",
"product_id": "firefox-0:68.11.0-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:68.11.0-1.el8_2.ppc64le",
"product": {
"name": "firefox-debugsource-0:68.11.0-1.el8_2.ppc64le",
"product_id": "firefox-debugsource-0:68.11.0-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@68.11.0-1.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"product_id": "firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el8_2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el8_2.s390x",
"product": {
"name": "firefox-0:68.11.0-1.el8_2.s390x",
"product_id": "firefox-0:68.11.0-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:68.11.0-1.el8_2.s390x",
"product": {
"name": "firefox-debugsource-0:68.11.0-1.el8_2.s390x",
"product_id": "firefox-debugsource-0:68.11.0-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@68.11.0-1.el8_2?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el8_2.s390x",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_2.s390x",
"product_id": "firefox-debuginfo-0:68.11.0-1.el8_2.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el8_2?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el8_2.x86_64",
"product": {
"name": "firefox-0:68.11.0-1.el8_2.x86_64",
"product_id": "firefox-0:68.11.0-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:68.11.0-1.el8_2.x86_64",
"product": {
"name": "firefox-debugsource-0:68.11.0-1.el8_2.x86_64",
"product_id": "firefox-debugsource-0:68.11.0-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@68.11.0-1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el8_2.x86_64",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_2.x86_64",
"product_id": "firefox-debuginfo-0:68.11.0-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el8_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el8_2.aarch64",
"product": {
"name": "firefox-0:68.11.0-1.el8_2.aarch64",
"product_id": "firefox-0:68.11.0-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:68.11.0-1.el8_2.aarch64",
"product": {
"name": "firefox-debugsource-0:68.11.0-1.el8_2.aarch64",
"product_id": "firefox-debugsource-0:68.11.0-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@68.11.0-1.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el8_2.aarch64",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_2.aarch64",
"product_id": "firefox-debuginfo-0:68.11.0-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el8_2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el8_2.src",
"product": {
"name": "firefox-0:68.11.0-1.el8_2.src",
"product_id": "firefox-0:68.11.0-1.el8_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el8_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.aarch64"
},
"product_reference": "firefox-0:68.11.0-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.ppc64le"
},
"product_reference": "firefox-0:68.11.0-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.s390x"
},
"product_reference": "firefox-0:68.11.0-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el8_2.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.src"
},
"product_reference": "firefox-0:68.11.0-1.el8_2.src",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.x86_64"
},
"product_reference": "firefox-0:68.11.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.aarch64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.s390x"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.x86_64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:68.11.0-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.aarch64"
},
"product_reference": "firefox-debugsource-0:68.11.0-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:68.11.0-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.ppc64le"
},
"product_reference": "firefox-debugsource-0:68.11.0-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:68.11.0-1.el8_2.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.s390x"
},
"product_reference": "firefox-debugsource-0:68.11.0-1.el8_2.s390x",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:68.11.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.x86_64"
},
"product_reference": "firefox-debugsource-0:68.11.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-6463",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1840893"
}
],
"notes": [
{
"category": "description",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Use after free in ANGLE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "RHBZ#1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6463",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html",
"url": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html"
}
],
"release_date": "2020-04-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-30T07:40:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3241"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Use after free in ANGLE"
},
{
"cve": "CVE-2020-6514",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857349"
}
],
"notes": [
{
"category": "description",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Inappropriate implementation in WebRTC",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "RHBZ#1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6514",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6514"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-30T07:40:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3241"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Inappropriate implementation in WebRTC"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mikhail Oblozhikhin"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15652",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861570"
}
],
"notes": [
{
"category": "description",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Potential leak of redirect targets when loading scripts in a worker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "RHBZ#1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-30T07:40:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3241"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Potential leak of redirect targets when loading scripts in a worker"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mozilla developers and community"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15659",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861572"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "RHBZ#1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15659",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15659"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-30T07:40:54+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3241"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.s390x",
"AppStream-8.2.0.Z.MAIN.EUS:firefox-debugsource-0:68.11.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11"
}
]
}
rhsa-2020:3253
Vulnerability from csaf_redhat
Published
2020-07-30 19:40
Modified
2025-08-02 10:52
Summary
Red Hat Security Advisory: firefox security update
Notes
Topic
An update for firefox is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 68.11.0 ESR.
Security Fix(es):
* chromium-browser: Use after free in ANGLE (CVE-2020-6463)
* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)
* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)
* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for firefox is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 68.11.0 ESR.\n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in ANGLE (CVE-2020-6463)\n\n* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)\n\n* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)\n\n* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3253",
"url": "https://access.redhat.com/errata/RHSA-2020:3253"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/"
},
{
"category": "external",
"summary": "1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3253.json"
}
],
"title": "Red Hat Security Advisory: firefox security update",
"tracking": {
"current_release_date": "2025-08-02T10:52:02+00:00",
"generator": {
"date": "2025-08-02T10:52:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:3253",
"initial_release_date": "2020-07-30T19:40:23+00:00",
"revision_history": [
{
"date": "2020-07-30T19:40:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-07-30T19:40:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-02T10:52:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.8.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.8.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.8.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el7_8.x86_64",
"product": {
"name": "firefox-0:68.11.0-1.el7_8.x86_64",
"product_id": "firefox-0:68.11.0-1.el7_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el7_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"product_id": "firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el7_8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el7_8.src",
"product": {
"name": "firefox-0:68.11.0-1.el7_8.src",
"product_id": "firefox-0:68.11.0-1.el7_8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el7_8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el7_8.s390x",
"product": {
"name": "firefox-0:68.11.0-1.el7_8.s390x",
"product_id": "firefox-0:68.11.0-1.el7_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el7_8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"product_id": "firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el7_8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el7_8.ppc64",
"product": {
"name": "firefox-0:68.11.0-1.el7_8.ppc64",
"product_id": "firefox-0:68.11.0-1.el7_8.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el7_8?arch=ppc64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"product_id": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el7_8?arch=ppc64"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el7_8.ppc64le",
"product": {
"name": "firefox-0:68.11.0-1.el7_8.ppc64le",
"product_id": "firefox-0:68.11.0-1.el7_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el7_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"product_id": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el7_8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el7_8.i686",
"product": {
"name": "firefox-0:68.11.0-1.el7_8.i686",
"product_id": "firefox-0:68.11.0-1.el7_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el7_8?arch=i686"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"product_id": "firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el7_8?arch=i686"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.i686"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.i686",
"relates_to_product_reference": "7Client-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.ppc64",
"relates_to_product_reference": "7Client-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Client-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.s390x",
"relates_to_product_reference": "7Client-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.src"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.src",
"relates_to_product_reference": "7Client-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Client-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.i686 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"relates_to_product_reference": "7Client-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"relates_to_product_reference": "7Client-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Client-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.s390x as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"relates_to_product_reference": "7Client-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Client-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.i686",
"relates_to_product_reference": "7Client-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.ppc64",
"relates_to_product_reference": "7Client-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Client-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.s390x",
"relates_to_product_reference": "7Client-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.src as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.src",
"relates_to_product_reference": "7Client-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Client-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.i686 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"relates_to_product_reference": "7Client-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"relates_to_product_reference": "7Client-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Client-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.s390x as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"relates_to_product_reference": "7Client-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Client Optional (v. 7)",
"product_id": "7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Client-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.i686"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.i686",
"relates_to_product_reference": "7Server-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.ppc64",
"relates_to_product_reference": "7Server-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Server-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.s390x",
"relates_to_product_reference": "7Server-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.src as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.src"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.src",
"relates_to_product_reference": "7Server-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Server-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.i686 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"relates_to_product_reference": "7Server-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"relates_to_product_reference": "7Server-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Server-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.s390x as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"relates_to_product_reference": "7Server-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Server-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.i686",
"relates_to_product_reference": "7Server-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.ppc64",
"relates_to_product_reference": "7Server-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Server-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.s390x",
"relates_to_product_reference": "7Server-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.src",
"relates_to_product_reference": "7Server-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Server-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.i686 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"relates_to_product_reference": "7Server-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"relates_to_product_reference": "7Server-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Server-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.s390x as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"relates_to_product_reference": "7Server-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Server-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.i686"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.i686",
"relates_to_product_reference": "7Workstation-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.ppc64",
"relates_to_product_reference": "7Workstation-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Workstation-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.s390x",
"relates_to_product_reference": "7Workstation-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.src"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.src",
"relates_to_product_reference": "7Workstation-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Workstation-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.i686 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"relates_to_product_reference": "7Workstation-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"relates_to_product_reference": "7Workstation-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Workstation-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.s390x as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"relates_to_product_reference": "7Workstation-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Workstation-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.i686",
"relates_to_product_reference": "7Workstation-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.s390x",
"relates_to_product_reference": "7Workstation-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.src as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.src",
"relates_to_product_reference": "7Workstation-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "firefox-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.i686 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"relates_to_product_reference": "7Workstation-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"relates_to_product_reference": "7Workstation-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Workstation-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.s390x as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"relates_to_product_reference": "7Workstation-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Workstation Optional (v. 7)",
"product_id": "7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Workstation-optional-7.8.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-6463",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1840893"
}
],
"notes": [
{
"category": "description",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Use after free in ANGLE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "RHBZ#1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6463",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html",
"url": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html"
}
],
"release_date": "2020-04-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-30T19:40:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3253"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Use after free in ANGLE"
},
{
"cve": "CVE-2020-6514",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857349"
}
],
"notes": [
{
"category": "description",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Inappropriate implementation in WebRTC",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "RHBZ#1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6514",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6514"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-30T19:40:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3253"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Inappropriate implementation in WebRTC"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mikhail Oblozhikhin"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15652",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861570"
}
],
"notes": [
{
"category": "description",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Potential leak of redirect targets when loading scripts in a worker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "RHBZ#1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-30T19:40:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3253"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Potential leak of redirect targets when loading scripts in a worker"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mozilla developers and community"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15659",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861572"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "RHBZ#1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15659",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15659"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-30T19:40:23+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3253"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Client-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Client-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Server-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.src",
"7Workstation-optional-7.8.Z:firefox-0:68.11.0-1.el7_8.x86_64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.i686",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.s390x",
"7Workstation-optional-7.8.Z:firefox-debuginfo-0:68.11.0-1.el7_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11"
}
]
}
rhsa-2020:3343
Vulnerability from csaf_redhat
Published
2020-08-06 07:05
Modified
2025-08-02 10:52
Summary
Red Hat Security Advisory: thunderbird security update
Notes
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 68.11.0.
Security Fix(es):
* chromium-browser: Use after free in ANGLE (CVE-2020-6463)
* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)
* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)
* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for thunderbird is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 68.11.0.\n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in ANGLE (CVE-2020-6463)\n\n* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)\n\n* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)\n\n* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3343",
"url": "https://access.redhat.com/errata/RHSA-2020:3343"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3343.json"
}
],
"title": "Red Hat Security Advisory: thunderbird security update",
"tracking": {
"current_release_date": "2025-08-02T10:52:18+00:00",
"generator": {
"date": "2025-08-02T10:52:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:3343",
"initial_release_date": "2020-08-06T07:05:00+00:00",
"revision_history": [
{
"date": "2020-08-06T07:05:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-08-06T07:05:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-02T10:52:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product": {
"name": "Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_e4s:8.0::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el8_0.x86_64",
"product": {
"name": "thunderbird-0:68.11.0-1.el8_0.x86_64",
"product_id": "thunderbird-0:68.11.0-1.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el8_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64",
"product": {
"name": "thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64",
"product_id": "thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debugsource@68.11.0-1.el8_0?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64",
"product_id": "thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@68.11.0-1.el8_0?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el8_0.ppc64le",
"product": {
"name": "thunderbird-0:68.11.0-1.el8_0.ppc64le",
"product_id": "thunderbird-0:68.11.0-1.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el8_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le",
"product": {
"name": "thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le",
"product_id": "thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debugsource@68.11.0-1.el8_0?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"product": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"product_id": "thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@68.11.0-1.el8_0?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el8_0.src",
"product": {
"name": "thunderbird-0:68.11.0-1.el8_0.src",
"product_id": "thunderbird-0:68.11.0-1.el8_0.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el8_0?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.ppc64le"
},
"product_reference": "thunderbird-0:68.11.0-1.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el8_0.src as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.src"
},
"product_reference": "thunderbird-0:68.11.0-1.el8_0.src",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.x86_64"
},
"product_reference": "thunderbird-0:68.11.0-1.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le"
},
"product_reference": "thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64 as a component of Red Hat Enterprise Linux AppStream E4S (v. 8.0)",
"product_id": "AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64"
},
"product_reference": "thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64",
"relates_to_product_reference": "AppStream-8.0.0.Z.E4S"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-6463",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1840893"
}
],
"notes": [
{
"category": "description",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Use after free in ANGLE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "RHBZ#1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6463",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html",
"url": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html"
}
],
"release_date": "2020-04-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T07:05:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3343"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Use after free in ANGLE"
},
{
"cve": "CVE-2020-6514",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857349"
}
],
"notes": [
{
"category": "description",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Inappropriate implementation in WebRTC",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "RHBZ#1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6514",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6514"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T07:05:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3343"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Inappropriate implementation in WebRTC"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mikhail Oblozhikhin"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15652",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861570"
}
],
"notes": [
{
"category": "description",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Potential leak of redirect targets when loading scripts in a worker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "RHBZ#1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T07:05:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3343"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Potential leak of redirect targets when loading scripts in a worker"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mozilla developers and community"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15659",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861572"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "RHBZ#1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15659",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15659"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T07:05:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3343"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.src",
"AppStream-8.0.0.Z.E4S:thunderbird-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debuginfo-0:68.11.0-1.el8_0.x86_64",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.ppc64le",
"AppStream-8.0.0.Z.E4S:thunderbird-debugsource-0:68.11.0-1.el8_0.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11"
}
]
}
rhsa-2020:3254
Vulnerability from csaf_redhat
Published
2020-07-30 19:27
Modified
2025-08-02 10:52
Summary
Red Hat Security Advisory: firefox security update
Notes
Topic
An update for firefox is now available for Red Hat Enterprise Linux 8.1 Extended Update Support.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 68.11.0 ESR.
Security Fix(es):
* chromium-browser: Use after free in ANGLE (CVE-2020-6463)
* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)
* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)
* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for firefox is now available for Red Hat Enterprise Linux 8.1 Extended Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.\n\nThis update upgrades Firefox to version 68.11.0 ESR.\n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in ANGLE (CVE-2020-6463)\n\n* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)\n\n* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)\n\n* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3254",
"url": "https://access.redhat.com/errata/RHSA-2020:3254"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/"
},
{
"category": "external",
"summary": "1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3254.json"
}
],
"title": "Red Hat Security Advisory: firefox security update",
"tracking": {
"current_release_date": "2025-08-02T10:52:11+00:00",
"generator": {
"date": "2025-08-02T10:52:11+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:3254",
"initial_release_date": "2020-07-30T19:27:56+00:00",
"revision_history": [
{
"date": "2020-07-30T19:27:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-07-30T19:27:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-02T10:52:11+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product": {
"name": "Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_eus:8.1::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el8_1.ppc64le",
"product": {
"name": "firefox-0:68.11.0-1.el8_1.ppc64le",
"product_id": "firefox-0:68.11.0-1.el8_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el8_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:68.11.0-1.el8_1.ppc64le",
"product": {
"name": "firefox-debugsource-0:68.11.0-1.el8_1.ppc64le",
"product_id": "firefox-debugsource-0:68.11.0-1.el8_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@68.11.0-1.el8_1?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"product_id": "firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el8_1?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el8_1.s390x",
"product": {
"name": "firefox-0:68.11.0-1.el8_1.s390x",
"product_id": "firefox-0:68.11.0-1.el8_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el8_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:68.11.0-1.el8_1.s390x",
"product": {
"name": "firefox-debugsource-0:68.11.0-1.el8_1.s390x",
"product_id": "firefox-debugsource-0:68.11.0-1.el8_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@68.11.0-1.el8_1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el8_1.s390x",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_1.s390x",
"product_id": "firefox-debuginfo-0:68.11.0-1.el8_1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el8_1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el8_1.x86_64",
"product": {
"name": "firefox-0:68.11.0-1.el8_1.x86_64",
"product_id": "firefox-0:68.11.0-1.el8_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el8_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:68.11.0-1.el8_1.x86_64",
"product": {
"name": "firefox-debugsource-0:68.11.0-1.el8_1.x86_64",
"product_id": "firefox-debugsource-0:68.11.0-1.el8_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@68.11.0-1.el8_1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el8_1.x86_64",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_1.x86_64",
"product_id": "firefox-debuginfo-0:68.11.0-1.el8_1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el8_1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el8_1.aarch64",
"product": {
"name": "firefox-0:68.11.0-1.el8_1.aarch64",
"product_id": "firefox-0:68.11.0-1.el8_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el8_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "firefox-debugsource-0:68.11.0-1.el8_1.aarch64",
"product": {
"name": "firefox-debugsource-0:68.11.0-1.el8_1.aarch64",
"product_id": "firefox-debugsource-0:68.11.0-1.el8_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debugsource@68.11.0-1.el8_1?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "firefox-debuginfo-0:68.11.0-1.el8_1.aarch64",
"product": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_1.aarch64",
"product_id": "firefox-debuginfo-0:68.11.0-1.el8_1.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox-debuginfo@68.11.0-1.el8_1?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "firefox-0:68.11.0-1.el8_1.src",
"product": {
"name": "firefox-0:68.11.0-1.el8_1.src",
"product_id": "firefox-0:68.11.0-1.el8_1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/firefox@68.11.0-1.el8_1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.aarch64"
},
"product_reference": "firefox-0:68.11.0-1.el8_1.aarch64",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.ppc64le"
},
"product_reference": "firefox-0:68.11.0-1.el8_1.ppc64le",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.s390x"
},
"product_reference": "firefox-0:68.11.0-1.el8_1.s390x",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el8_1.src as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.src"
},
"product_reference": "firefox-0:68.11.0-1.el8_1.src",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-0:68.11.0-1.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.x86_64"
},
"product_reference": "firefox-0:68.11.0-1.el8_1.x86_64",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.aarch64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el8_1.aarch64",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.s390x"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el8_1.s390x",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debuginfo-0:68.11.0-1.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.x86_64"
},
"product_reference": "firefox-debuginfo-0:68.11.0-1.el8_1.x86_64",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:68.11.0-1.el8_1.aarch64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.aarch64"
},
"product_reference": "firefox-debugsource-0:68.11.0-1.el8_1.aarch64",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:68.11.0-1.el8_1.ppc64le as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.ppc64le"
},
"product_reference": "firefox-debugsource-0:68.11.0-1.el8_1.ppc64le",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:68.11.0-1.el8_1.s390x as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.s390x"
},
"product_reference": "firefox-debugsource-0:68.11.0-1.el8_1.s390x",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "firefox-debugsource-0:68.11.0-1.el8_1.x86_64 as a component of Red Hat Enterprise Linux AppStream EUS (v. 8.1)",
"product_id": "AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.x86_64"
},
"product_reference": "firefox-debugsource-0:68.11.0-1.el8_1.x86_64",
"relates_to_product_reference": "AppStream-8.1.0.Z.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-6463",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1840893"
}
],
"notes": [
{
"category": "description",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Use after free in ANGLE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "RHBZ#1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6463",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html",
"url": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html"
}
],
"release_date": "2020-04-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-30T19:27:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3254"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Use after free in ANGLE"
},
{
"cve": "CVE-2020-6514",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857349"
}
],
"notes": [
{
"category": "description",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Inappropriate implementation in WebRTC",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "RHBZ#1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6514",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6514"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-30T19:27:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3254"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Inappropriate implementation in WebRTC"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mikhail Oblozhikhin"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15652",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861570"
}
],
"notes": [
{
"category": "description",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Potential leak of redirect targets when loading scripts in a worker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "RHBZ#1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-30T19:27:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3254"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Potential leak of redirect targets when loading scripts in a worker"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mozilla developers and community"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15659",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861572"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "RHBZ#1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15659",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15659"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-07-30T19:27:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the update, Firefox must be restarted for the changes to take effect.",
"product_ids": [
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3254"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.src",
"AppStream-8.1.0.Z.EUS:firefox-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debuginfo-0:68.11.0-1.el8_1.x86_64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.aarch64",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.ppc64le",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.s390x",
"AppStream-8.1.0.Z.EUS:firefox-debugsource-0:68.11.0-1.el8_1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11"
}
]
}
rhsa-2020:3344
Vulnerability from csaf_redhat
Published
2020-08-06 09:12
Modified
2025-08-02 10:52
Summary
Red Hat Security Advisory: thunderbird security update
Notes
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 68.11.0.
Security Fix(es):
* chromium-browser: Use after free in ANGLE (CVE-2020-6463)
* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)
* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)
* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for thunderbird is now available for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 68.11.0.\n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in ANGLE (CVE-2020-6463)\n\n* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)\n\n* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)\n\n* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3344",
"url": "https://access.redhat.com/errata/RHSA-2020:3344"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3344.json"
}
],
"title": "Red Hat Security Advisory: thunderbird security update",
"tracking": {
"current_release_date": "2025-08-02T10:52:39+00:00",
"generator": {
"date": "2025-08-02T10:52:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:3344",
"initial_release_date": "2020-08-06T09:12:13+00:00",
"revision_history": [
{
"date": "2020-08-06T09:12:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-08-06T09:12:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-02T10:52:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::server"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:7::workstation"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el7_8.x86_64",
"product": {
"name": "thunderbird-0:68.11.0-1.el7_8.x86_64",
"product_id": "thunderbird-0:68.11.0-1.el7_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el7_8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"product_id": "thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@68.11.0-1.el7_8?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el7_8.src",
"product": {
"name": "thunderbird-0:68.11.0-1.el7_8.src",
"product_id": "thunderbird-0:68.11.0-1.el7_8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el7_8?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el7_8.ppc64le",
"product": {
"name": "thunderbird-0:68.11.0-1.el7_8.ppc64le",
"product_id": "thunderbird-0:68.11.0-1.el7_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el7_8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"product": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"product_id": "thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@68.11.0-1.el7_8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "thunderbird-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Client-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el7_8.src as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src"
},
"product_reference": "thunderbird-0:68.11.0-1.el7_8.src",
"relates_to_product_reference": "7Client-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "thunderbird-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Client-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Client-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Client-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "thunderbird-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Server-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el7_8.src as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src"
},
"product_reference": "thunderbird-0:68.11.0-1.el7_8.src",
"relates_to_product_reference": "7Server-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "thunderbird-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Server-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Server-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Server Optional (v. 7)",
"product_id": "7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Server-optional-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "thunderbird-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Workstation-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el7_8.src as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src"
},
"product_reference": "thunderbird-0:68.11.0-1.el7_8.src",
"relates_to_product_reference": "7Workstation-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "thunderbird-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Workstation-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"relates_to_product_reference": "7Workstation-7.8.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64 as a component of Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"relates_to_product_reference": "7Workstation-7.8.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-6463",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1840893"
}
],
"notes": [
{
"category": "description",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Use after free in ANGLE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "RHBZ#1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6463",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html",
"url": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html"
}
],
"release_date": "2020-04-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T09:12:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3344"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Use after free in ANGLE"
},
{
"cve": "CVE-2020-6514",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857349"
}
],
"notes": [
{
"category": "description",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Inappropriate implementation in WebRTC",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "RHBZ#1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6514",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6514"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T09:12:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3344"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Inappropriate implementation in WebRTC"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mikhail Oblozhikhin"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15652",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861570"
}
],
"notes": [
{
"category": "description",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Potential leak of redirect targets when loading scripts in a worker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "RHBZ#1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T09:12:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3344"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Potential leak of redirect targets when loading scripts in a worker"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mozilla developers and community"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15659",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861572"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "RHBZ#1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15659",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15659"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T09:12:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3344"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Client-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Client-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Server-optional-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Server-optional-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.src",
"7Workstation-7.8.Z:thunderbird-0:68.11.0-1.el7_8.x86_64",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.ppc64le",
"7Workstation-7.8.Z:thunderbird-debuginfo-0:68.11.0-1.el7_8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11"
}
]
}
rhsa-2020:3341
Vulnerability from csaf_redhat
Published
2020-08-06 07:16
Modified
2025-08-02 10:52
Summary
Red Hat Security Advisory: thunderbird security update
Notes
Topic
An update for thunderbird is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Mozilla Thunderbird is a standalone mail and newsgroup client.
This update upgrades Thunderbird to version 68.11.0.
Security Fix(es):
* chromium-browser: Use after free in ANGLE (CVE-2020-6463)
* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)
* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)
* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for thunderbird is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Mozilla Thunderbird is a standalone mail and newsgroup client.\n\nThis update upgrades Thunderbird to version 68.11.0.\n\nSecurity Fix(es):\n\n* chromium-browser: Use after free in ANGLE (CVE-2020-6463)\n\n* chromium-browser: Inappropriate implementation in WebRTC (CVE-2020-6514)\n\n* Mozilla: Potential leak of redirect targets when loading scripts in a worker (CVE-2020-15652)\n\n* Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11 (CVE-2020-15659)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:3341",
"url": "https://access.redhat.com/errata/RHSA-2020:3341"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_3341.json"
}
],
"title": "Red Hat Security Advisory: thunderbird security update",
"tracking": {
"current_release_date": "2025-08-02T10:52:32+00:00",
"generator": {
"date": "2025-08-02T10:52:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.6"
}
},
"id": "RHSA-2020:3341",
"initial_release_date": "2020-08-06T07:16:16+00:00",
"revision_history": [
{
"date": "2020-08-06T07:16:16+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-08-06T07:16:16+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-08-02T10:52:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el8_2.x86_64",
"product": {
"name": "thunderbird-0:68.11.0-1.el8_2.x86_64",
"product_id": "thunderbird-0:68.11.0-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64",
"product": {
"name": "thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64",
"product_id": "thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debugsource@68.11.0-1.el8_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64",
"product": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64",
"product_id": "thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@68.11.0-1.el8_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el8_2.ppc64le",
"product": {
"name": "thunderbird-0:68.11.0-1.el8_2.ppc64le",
"product_id": "thunderbird-0:68.11.0-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le",
"product": {
"name": "thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le",
"product_id": "thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debugsource@68.11.0-1.el8_2?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"product": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"product_id": "thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@68.11.0-1.el8_2?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el8_2.aarch64",
"product": {
"name": "thunderbird-0:68.11.0-1.el8_2.aarch64",
"product_id": "thunderbird-0:68.11.0-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64",
"product": {
"name": "thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64",
"product_id": "thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debugsource@68.11.0-1.el8_2?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64",
"product": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64",
"product_id": "thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird-debuginfo@68.11.0-1.el8_2?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "thunderbird-0:68.11.0-1.el8_2.src",
"product": {
"name": "thunderbird-0:68.11.0-1.el8_2.src",
"product_id": "thunderbird-0:68.11.0-1.el8_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/thunderbird@68.11.0-1.el8_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.aarch64"
},
"product_reference": "thunderbird-0:68.11.0-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.ppc64le"
},
"product_reference": "thunderbird-0:68.11.0-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el8_2.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.src"
},
"product_reference": "thunderbird-0:68.11.0-1.el8_2.src",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-0:68.11.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.x86_64"
},
"product_reference": "thunderbird-0:68.11.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64"
},
"product_reference": "thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64"
},
"product_reference": "thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le"
},
"product_reference": "thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64"
},
"product_reference": "thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64",
"relates_to_product_reference": "AppStream-8.2.0.Z.MAIN.EUS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-6463",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2020-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1840893"
}
],
"notes": [
{
"category": "description",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Use after free in ANGLE",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "RHBZ#1840893",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1840893"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6463",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6463"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6463"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html",
"url": "https://chromereleases.googleblog.com/2020/04/stable-channel-update-for-desktop_21.html"
}
],
"release_date": "2020-04-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T07:16:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3341"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Use after free in ANGLE"
},
{
"cve": "CVE-2020-6514",
"discovery_date": "2020-07-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1857349"
}
],
"notes": [
{
"category": "description",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "chromium-browser: Inappropriate implementation in WebRTC",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "RHBZ#1857349",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1857349"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-6514",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-6514"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-6514"
},
{
"category": "external",
"summary": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html",
"url": "https://chromereleases.googleblog.com/2020/07/stable-channel-update-for-desktop.html"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T07:16:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3341"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "chromium-browser: Inappropriate implementation in WebRTC"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mikhail Oblozhikhin"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15652",
"cwe": {
"id": "CWE-209",
"name": "Generation of Error Message Containing Sensitive Information"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861570"
}
],
"notes": [
{
"category": "description",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Potential leak of redirect targets when loading scripts in a worker",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "RHBZ#1861570",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861570"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15652",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15652"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15652"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15652"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T07:16:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3341"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Potential leak of redirect targets when loading scripts in a worker"
},
{
"acknowledgments": [
{
"names": [
"the Mozilla project"
]
},
{
"names": [
"Mozilla developers and community"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-15659",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"discovery_date": "2020-07-28T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1861572"
}
],
"notes": [
{
"category": "description",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "RHBZ#1861572",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1861572"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15659",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15659"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15659"
},
{
"category": "external",
"summary": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659",
"url": "https://www.mozilla.org/en-US/security/advisories/mfsa2020-31/#CVE-2020-15659"
}
],
"release_date": "2020-07-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-08-06T07:16:16+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Thunderbird must be restarted for the update to take effect.",
"product_ids": [
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:3341"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.src",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debuginfo-0:68.11.0-1.el8_2.x86_64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.aarch64",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.ppc64le",
"AppStream-8.2.0.Z.MAIN.EUS:thunderbird-debugsource-0:68.11.0-1.el8_2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "Mozilla: Memory safety bugs fixed in Firefox 79 and Firefox ESR 68.11"
}
]
}
suse-su-2020:2100-1
Vulnerability from csaf_suse
Published
2020-07-31 12:04
Modified
2020-07-31 12:04
Summary
Security update for MozillaFirefox
Notes
Title of the patch
Security update for MozillaFirefox
Description of the patch
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.1.0 ESR
* Fixed: Various stability, functionality, and security fixes (bsc#1174538)
* CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker
* CVE-2020-6514: WebRTC data channel leaks internal address to peer
* CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy
* CVE-2020-15653: Bypassing iframe sandbox when allowing popups
* CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
* CVE-2020-15656: Type confusion for special arguments in IonMonkey
* CVE-2020-15658: Overriding file type when saving to disk
* CVE-2020-15657: DLL hijacking due to incorrect loading path
* CVE-2020-15654: Custom cursor can overlay user interface
* CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1
Patchnames
HPE-Helion-OpenStack-8-2020-2100,SUSE-2020-2100,SUSE-OpenStack-Cloud-7-2020-2100,SUSE-OpenStack-Cloud-8-2020-2100,SUSE-OpenStack-Cloud-9-2020-2100,SUSE-OpenStack-Cloud-Crowbar-8-2020-2100,SUSE-OpenStack-Cloud-Crowbar-9-2020-2100,SUSE-SLE-SAP-12-SP2-2020-2100,SUSE-SLE-SAP-12-SP3-2020-2100,SUSE-SLE-SAP-12-SP4-2020-2100,SUSE-SLE-SDK-12-SP5-2020-2100,SUSE-SLE-SERVER-12-SP2-2020-2100,SUSE-SLE-SERVER-12-SP2-BCL-2020-2100,SUSE-SLE-SERVER-12-SP3-2020-2100,SUSE-SLE-SERVER-12-SP3-BCL-2020-2100,SUSE-SLE-SERVER-12-SP4-LTSS-2020-2100,SUSE-SLE-SERVER-12-SP5-2020-2100,SUSE-Storage-5-2020-2100
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for MozillaFirefox",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for MozillaFirefox fixes the following issues:\n\n- Firefox Extended Support Release 78.1.0 ESR\n * Fixed: Various stability, functionality, and security fixes (bsc#1174538)\n * CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker\n * CVE-2020-6514: WebRTC data channel leaks internal address to peer\n * CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy\n * CVE-2020-15653: Bypassing iframe sandbox when allowing popups\n * CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture\n * CVE-2020-15656: Type confusion for special arguments in IonMonkey\n * CVE-2020-15658: Overriding file type when saving to disk\n * CVE-2020-15657: DLL hijacking due to incorrect loading path\n * CVE-2020-15654: Custom cursor can overlay user interface\n * CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "HPE-Helion-OpenStack-8-2020-2100,SUSE-2020-2100,SUSE-OpenStack-Cloud-7-2020-2100,SUSE-OpenStack-Cloud-8-2020-2100,SUSE-OpenStack-Cloud-9-2020-2100,SUSE-OpenStack-Cloud-Crowbar-8-2020-2100,SUSE-OpenStack-Cloud-Crowbar-9-2020-2100,SUSE-SLE-SAP-12-SP2-2020-2100,SUSE-SLE-SAP-12-SP3-2020-2100,SUSE-SLE-SAP-12-SP4-2020-2100,SUSE-SLE-SDK-12-SP5-2020-2100,SUSE-SLE-SERVER-12-SP2-2020-2100,SUSE-SLE-SERVER-12-SP2-BCL-2020-2100,SUSE-SLE-SERVER-12-SP3-2020-2100,SUSE-SLE-SERVER-12-SP3-BCL-2020-2100,SUSE-SLE-SERVER-12-SP4-LTSS-2020-2100,SUSE-SLE-SERVER-12-SP5-2020-2100,SUSE-Storage-5-2020-2100",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_2100-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:2100-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20202100-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:2100-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-July/007206.html"
},
{
"category": "self",
"summary": "SUSE Bug 1173948",
"url": "https://bugzilla.suse.com/1173948"
},
{
"category": "self",
"summary": "SUSE Bug 1174538",
"url": "https://bugzilla.suse.com/1174538"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15652 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15653 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15654 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15655 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15656 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15657 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15657/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15658 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15659 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-6463 page",
"url": "https://www.suse.com/security/cve/CVE-2020-6463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-6514 page",
"url": "https://www.suse.com/security/cve/CVE-2020-6514/"
}
],
"title": "Security update for MozillaFirefox",
"tracking": {
"current_release_date": "2020-07-31T12:04:41Z",
"generator": {
"date": "2020-07-31T12:04:41Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:2100-1",
"initial_release_date": "2020-07-31T12:04:41Z",
"revision_history": [
{
"date": "2020-07-31T12:04:41Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-78.1.0-112.8.1.aarch64",
"product": {
"name": "MozillaFirefox-78.1.0-112.8.1.aarch64",
"product_id": "MozillaFirefox-78.1.0-112.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-78.1.0-112.8.1.aarch64",
"product": {
"name": "MozillaFirefox-branding-upstream-78.1.0-112.8.1.aarch64",
"product_id": "MozillaFirefox-branding-upstream-78.1.0-112.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"product": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"product_id": "MozillaFirefox-devel-78.1.0-112.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"product_id": "MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-78.1.0-112.8.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-other-78.1.0-112.8.1.aarch64",
"product_id": "MozillaFirefox-translations-other-78.1.0-112.8.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-78.1.0-112.8.1.ppc64le",
"product": {
"name": "MozillaFirefox-78.1.0-112.8.1.ppc64le",
"product_id": "MozillaFirefox-78.1.0-112.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-78.1.0-112.8.1.ppc64le",
"product": {
"name": "MozillaFirefox-branding-upstream-78.1.0-112.8.1.ppc64le",
"product_id": "MozillaFirefox-branding-upstream-78.1.0-112.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"product": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"product_id": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"product_id": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-78.1.0-112.8.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-other-78.1.0-112.8.1.ppc64le",
"product_id": "MozillaFirefox-translations-other-78.1.0-112.8.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-78.1.0-112.8.1.s390x",
"product": {
"name": "MozillaFirefox-78.1.0-112.8.1.s390x",
"product_id": "MozillaFirefox-78.1.0-112.8.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-78.1.0-112.8.1.s390x",
"product": {
"name": "MozillaFirefox-branding-upstream-78.1.0-112.8.1.s390x",
"product_id": "MozillaFirefox-branding-upstream-78.1.0-112.8.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"product": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"product_id": "MozillaFirefox-devel-78.1.0-112.8.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"product": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"product_id": "MozillaFirefox-translations-common-78.1.0-112.8.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-78.1.0-112.8.1.s390x",
"product": {
"name": "MozillaFirefox-translations-other-78.1.0-112.8.1.s390x",
"product_id": "MozillaFirefox-translations-other-78.1.0-112.8.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"product": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"product_id": "MozillaFirefox-78.1.0-112.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"product": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"product_id": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"product_id": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-78.1.0-112.8.1.x86_64",
"product": {
"name": "MozillaFirefox-branding-upstream-78.1.0-112.8.1.x86_64",
"product_id": "MozillaFirefox-branding-upstream-78.1.0-112.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-buildsymbols-78.1.0-112.8.1.x86_64",
"product": {
"name": "MozillaFirefox-buildsymbols-78.1.0-112.8.1.x86_64",
"product_id": "MozillaFirefox-buildsymbols-78.1.0-112.8.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-78.1.0-112.8.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-78.1.0-112.8.1.x86_64",
"product_id": "MozillaFirefox-translations-other-78.1.0-112.8.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "HPE Helion OpenStack 8",
"product": {
"name": "HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:hpe-helion-openstack:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 7",
"product": {
"name": "SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:7"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 8",
"product": {
"name": "SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud 9",
"product": {
"name": "SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud:9"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 8",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:8"
}
}
},
{
"category": "product_name",
"name": "SUSE OpenStack Cloud Crowbar 9",
"product": {
"name": "SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-openstack-cloud-crowbar:9"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-bcl:12:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:12:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 5",
"product": {
"name": "SUSE Enterprise Storage 5",
"product_id": "SUSE Enterprise Storage 5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of HPE Helion OpenStack 8",
"product_id": "HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "HPE Helion OpenStack 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.s390x as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of SUSE OpenStack Cloud 7",
"product_id": "SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of SUSE OpenStack Cloud 8",
"product_id": "SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of SUSE OpenStack Cloud 9",
"product_id": "SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8",
"product_id": "SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 8"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9",
"product_id": "SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE OpenStack Cloud Crowbar 9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.aarch64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL",
"product_id": "SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP3-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.aarch64 as component of SUSE Enterprise Storage 5",
"product_id": "SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-112.8.1.x86_64 as component of SUSE Enterprise Storage 5",
"product_id": "SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.aarch64 as component of SUSE Enterprise Storage 5",
"product_id": "SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64 as component of SUSE Enterprise Storage 5",
"product_id": "SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64 as component of SUSE Enterprise Storage 5",
"product_id": "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64 as component of SUSE Enterprise Storage 5",
"product_id": "SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-15652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15652"
}
],
"notes": [
{
"category": "general",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15652",
"url": "https://www.suse.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15652",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-31T12:04:41Z",
"details": "important"
}
],
"title": "CVE-2020-15652"
},
{
"cve": "CVE-2020-15653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15653"
}
],
"notes": [
{
"category": "general",
"text": "An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15653",
"url": "https://www.suse.com/security/cve/CVE-2020-15653"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15653",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-31T12:04:41Z",
"details": "important"
}
],
"title": "CVE-2020-15653"
},
{
"cve": "CVE-2020-15654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15654"
}
],
"notes": [
{
"category": "general",
"text": "When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15654",
"url": "https://www.suse.com/security/cve/CVE-2020-15654"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15654",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-31T12:04:41Z",
"details": "important"
}
],
"title": "CVE-2020-15654"
},
{
"cve": "CVE-2020-15655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15655"
}
],
"notes": [
{
"category": "general",
"text": "A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15655",
"url": "https://www.suse.com/security/cve/CVE-2020-15655"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15655",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-31T12:04:41Z",
"details": "important"
}
],
"title": "CVE-2020-15655"
},
{
"cve": "CVE-2020-15656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15656"
}
],
"notes": [
{
"category": "general",
"text": "JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15656",
"url": "https://www.suse.com/security/cve/CVE-2020-15656"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15656",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-31T12:04:41Z",
"details": "important"
}
],
"title": "CVE-2020-15656"
},
{
"cve": "CVE-2020-15657",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15657"
}
],
"notes": [
{
"category": "general",
"text": "Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15657",
"url": "https://www.suse.com/security/cve/CVE-2020-15657"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15657",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-31T12:04:41Z",
"details": "important"
}
],
"title": "CVE-2020-15657"
},
{
"cve": "CVE-2020-15658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15658"
}
],
"notes": [
{
"category": "general",
"text": "The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15658",
"url": "https://www.suse.com/security/cve/CVE-2020-15658"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15658",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-31T12:04:41Z",
"details": "important"
}
],
"title": "CVE-2020-15658"
},
{
"cve": "CVE-2020-15659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15659"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15659",
"url": "https://www.suse.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15659",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-31T12:04:41Z",
"details": "important"
}
],
"title": "CVE-2020-15659"
},
{
"cve": "CVE-2020-6463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-6463"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-6463",
"url": "https://www.suse.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "SUSE Bug 1171975 for CVE-2020-6463",
"url": "https://bugzilla.suse.com/1171975"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-6463",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-31T12:04:41Z",
"details": "moderate"
}
],
"title": "CVE-2020-6463"
},
{
"cve": "CVE-2020-6514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-6514"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-6514",
"url": "https://www.suse.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "SUSE Bug 1174189 for CVE-2020-6514",
"url": "https://bugzilla.suse.com/1174189"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-6514",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"HPE Helion OpenStack 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"HPE Helion OpenStack 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Enterprise Storage 5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP2-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-BCL:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP3-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP2:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP3:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP4:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.aarch64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.s390x",
"SUSE OpenStack Cloud 7:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 8:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-devel-78.1.0-112.8.1.x86_64",
"SUSE OpenStack Cloud Crowbar 9:MozillaFirefox-translations-common-78.1.0-112.8.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-07-31T12:04:41Z",
"details": "important"
}
],
"title": "CVE-2020-6514"
}
]
}
suse-su-2020:2118-1
Vulnerability from csaf_suse
Published
2020-08-04 13:16
Modified
2020-08-04 13:16
Summary
Security update for MozillaFirefox
Notes
Title of the patch
Security update for MozillaFirefox
Description of the patch
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.1.0 ESR
* Fixed: Various stability, functionality, and security fixes (bsc#1174538)
* CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker
* CVE-2020-6514: WebRTC data channel leaks internal address to peer
* CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy
* CVE-2020-15653: Bypassing iframe sandbox when allowing popups
* CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
* CVE-2020-15656: Type confusion for special arguments in IonMonkey
* CVE-2020-15658: Overriding file type when saving to disk
* CVE-2020-15657: DLL hijacking due to incorrect loading path
* CVE-2020-15654: Custom cursor can overlay user interface
* CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1
Patchnames
SUSE-2020-2118,SUSE-SLE-Module-Desktop-Applications-15-SP1-2020-2118
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for MozillaFirefox",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for MozillaFirefox fixes the following issues:\n\n- Firefox Extended Support Release 78.1.0 ESR\n * Fixed: Various stability, functionality, and security fixes (bsc#1174538)\n * CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker\n * CVE-2020-6514: WebRTC data channel leaks internal address to peer\n * CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy\n * CVE-2020-15653: Bypassing iframe sandbox when allowing popups\n * CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture\n * CVE-2020-15656: Type confusion for special arguments in IonMonkey\n * CVE-2020-15658: Overriding file type when saving to disk\n * CVE-2020-15657: DLL hijacking due to incorrect loading path\n * CVE-2020-15654: Custom cursor can overlay user interface\n * CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-2118,SUSE-SLE-Module-Desktop-Applications-15-SP1-2020-2118",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_2118-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:2118-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20202118-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:2118-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-August/007223.html"
},
{
"category": "self",
"summary": "SUSE Bug 1174538",
"url": "https://bugzilla.suse.com/1174538"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15652 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15653 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15654 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15655 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15656 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15657 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15657/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15658 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15659 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-6463 page",
"url": "https://www.suse.com/security/cve/CVE-2020-6463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-6514 page",
"url": "https://www.suse.com/security/cve/CVE-2020-6514/"
}
],
"title": "Security update for MozillaFirefox",
"tracking": {
"current_release_date": "2020-08-04T13:16:01Z",
"generator": {
"date": "2020-08-04T13:16:01Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:2118-1",
"initial_release_date": "2020-08-04T13:16:01Z",
"revision_history": [
{
"date": "2020-08-04T13:16:01Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-78.1.0-3.100.2.aarch64",
"product": {
"name": "MozillaFirefox-78.1.0-3.100.2.aarch64",
"product_id": "MozillaFirefox-78.1.0-3.100.2.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-78.1.0-3.100.2.aarch64",
"product": {
"name": "MozillaFirefox-branding-upstream-78.1.0-3.100.2.aarch64",
"product_id": "MozillaFirefox-branding-upstream-78.1.0-3.100.2.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"product": {
"name": "MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"product_id": "MozillaFirefox-devel-78.1.0-3.100.2.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"product": {
"name": "MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"product_id": "MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"product": {
"name": "MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"product_id": "MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-78.1.0-3.100.2.i686",
"product": {
"name": "MozillaFirefox-78.1.0-3.100.2.i686",
"product_id": "MozillaFirefox-78.1.0-3.100.2.i686"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-78.1.0-3.100.2.i686",
"product": {
"name": "MozillaFirefox-branding-upstream-78.1.0-3.100.2.i686",
"product_id": "MozillaFirefox-branding-upstream-78.1.0-3.100.2.i686"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-buildsymbols-78.1.0-3.100.2.i686",
"product": {
"name": "MozillaFirefox-buildsymbols-78.1.0-3.100.2.i686",
"product_id": "MozillaFirefox-buildsymbols-78.1.0-3.100.2.i686"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-78.1.0-3.100.2.i686",
"product": {
"name": "MozillaFirefox-devel-78.1.0-3.100.2.i686",
"product_id": "MozillaFirefox-devel-78.1.0-3.100.2.i686"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-78.1.0-3.100.2.i686",
"product": {
"name": "MozillaFirefox-translations-common-78.1.0-3.100.2.i686",
"product_id": "MozillaFirefox-translations-common-78.1.0-3.100.2.i686"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-78.1.0-3.100.2.i686",
"product": {
"name": "MozillaFirefox-translations-other-78.1.0-3.100.2.i686",
"product_id": "MozillaFirefox-translations-other-78.1.0-3.100.2.i686"
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-78.1.0-3.100.2.ppc64le",
"product": {
"name": "MozillaFirefox-78.1.0-3.100.2.ppc64le",
"product_id": "MozillaFirefox-78.1.0-3.100.2.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-78.1.0-3.100.2.ppc64le",
"product": {
"name": "MozillaFirefox-branding-upstream-78.1.0-3.100.2.ppc64le",
"product_id": "MozillaFirefox-branding-upstream-78.1.0-3.100.2.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"product": {
"name": "MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"product_id": "MozillaFirefox-devel-78.1.0-3.100.2.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"product": {
"name": "MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"product_id": "MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"product": {
"name": "MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"product_id": "MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-78.1.0-3.100.2.s390x",
"product": {
"name": "MozillaFirefox-78.1.0-3.100.2.s390x",
"product_id": "MozillaFirefox-78.1.0-3.100.2.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-78.1.0-3.100.2.s390x",
"product": {
"name": "MozillaFirefox-branding-upstream-78.1.0-3.100.2.s390x",
"product_id": "MozillaFirefox-branding-upstream-78.1.0-3.100.2.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-78.1.0-3.100.2.s390x",
"product": {
"name": "MozillaFirefox-devel-78.1.0-3.100.2.s390x",
"product_id": "MozillaFirefox-devel-78.1.0-3.100.2.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"product": {
"name": "MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"product_id": "MozillaFirefox-translations-common-78.1.0-3.100.2.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"product": {
"name": "MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"product_id": "MozillaFirefox-translations-other-78.1.0-3.100.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-78.1.0-3.100.2.x86_64",
"product": {
"name": "MozillaFirefox-78.1.0-3.100.2.x86_64",
"product_id": "MozillaFirefox-78.1.0-3.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-78.1.0-3.100.2.x86_64",
"product": {
"name": "MozillaFirefox-branding-upstream-78.1.0-3.100.2.x86_64",
"product_id": "MozillaFirefox-branding-upstream-78.1.0-3.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-buildsymbols-78.1.0-3.100.2.x86_64",
"product": {
"name": "MozillaFirefox-buildsymbols-78.1.0-3.100.2.x86_64",
"product_id": "MozillaFirefox-buildsymbols-78.1.0-3.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"product": {
"name": "MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"product_id": "MozillaFirefox-devel-78.1.0-3.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"product_id": "MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64",
"product_id": "MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-desktop-applications:15:sp1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-3.100.2.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64"
},
"product_reference": "MozillaFirefox-78.1.0-3.100.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-3.100.2.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le"
},
"product_reference": "MozillaFirefox-78.1.0-3.100.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-3.100.2.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x"
},
"product_reference": "MozillaFirefox-78.1.0-3.100.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-3.100.2.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-3.100.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-3.100.2.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-3.100.2.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le"
},
"product_reference": "MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-3.100.2.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-3.100.2.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64"
},
"product_reference": "MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le"
},
"product_reference": "MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-78.1.0-3.100.2.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x"
},
"product_reference": "MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
},
"product_reference": "MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-15652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15652"
}
],
"notes": [
{
"category": "general",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15652",
"url": "https://www.suse.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15652",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-04T13:16:01Z",
"details": "important"
}
],
"title": "CVE-2020-15652"
},
{
"cve": "CVE-2020-15653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15653"
}
],
"notes": [
{
"category": "general",
"text": "An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15653",
"url": "https://www.suse.com/security/cve/CVE-2020-15653"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15653",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-04T13:16:01Z",
"details": "important"
}
],
"title": "CVE-2020-15653"
},
{
"cve": "CVE-2020-15654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15654"
}
],
"notes": [
{
"category": "general",
"text": "When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15654",
"url": "https://www.suse.com/security/cve/CVE-2020-15654"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15654",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-04T13:16:01Z",
"details": "important"
}
],
"title": "CVE-2020-15654"
},
{
"cve": "CVE-2020-15655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15655"
}
],
"notes": [
{
"category": "general",
"text": "A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15655",
"url": "https://www.suse.com/security/cve/CVE-2020-15655"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15655",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-04T13:16:01Z",
"details": "important"
}
],
"title": "CVE-2020-15655"
},
{
"cve": "CVE-2020-15656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15656"
}
],
"notes": [
{
"category": "general",
"text": "JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15656",
"url": "https://www.suse.com/security/cve/CVE-2020-15656"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15656",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-04T13:16:01Z",
"details": "important"
}
],
"title": "CVE-2020-15656"
},
{
"cve": "CVE-2020-15657",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15657"
}
],
"notes": [
{
"category": "general",
"text": "Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15657",
"url": "https://www.suse.com/security/cve/CVE-2020-15657"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15657",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-04T13:16:01Z",
"details": "important"
}
],
"title": "CVE-2020-15657"
},
{
"cve": "CVE-2020-15658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15658"
}
],
"notes": [
{
"category": "general",
"text": "The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15658",
"url": "https://www.suse.com/security/cve/CVE-2020-15658"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15658",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-04T13:16:01Z",
"details": "important"
}
],
"title": "CVE-2020-15658"
},
{
"cve": "CVE-2020-15659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15659"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15659",
"url": "https://www.suse.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15659",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-04T13:16:01Z",
"details": "important"
}
],
"title": "CVE-2020-15659"
},
{
"cve": "CVE-2020-6463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-6463"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-6463",
"url": "https://www.suse.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "SUSE Bug 1171975 for CVE-2020-6463",
"url": "https://bugzilla.suse.com/1171975"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-6463",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-04T13:16:01Z",
"details": "moderate"
}
],
"title": "CVE-2020-6463"
},
{
"cve": "CVE-2020-6514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-6514"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-6514",
"url": "https://www.suse.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "SUSE Bug 1174189 for CVE-2020-6514",
"url": "https://bugzilla.suse.com/1174189"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-6514",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-devel-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-common-78.1.0-3.100.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP1:MozillaFirefox-translations-other-78.1.0-3.100.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-04T13:16:01Z",
"details": "important"
}
],
"title": "CVE-2020-6514"
}
]
}
suse-su-2020:2179-1
Vulnerability from csaf_suse
Published
2020-08-10 08:06
Modified
2020-08-10 08:06
Summary
Security update for MozillaThunderbird
Notes
Title of the patch
Security update for MozillaThunderbird
Description of the patch
This update for MozillaThunderbird fixes the following issues:
- Updated to Mozilla Thunderbird 68.11:
* Fixed various security issues (MFSA-2020-35, bsc#1174538).
* Fixed CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker (bsc#1174538).
* Fixed CVE-2020-6514: WebRTC data channel leaks internal address to peer (bsc#1174538).
* Fixed CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture (bsc#1174538).
* Fixed CVE-2020-15659: Memory safety bugs fixed in Thunderbird 68.11 (bsc#1174538).
* Fixed a bug with FileLink attachments included as a link and file when added from a network drive via drag & drop (bmo#793118).
Patchnames
SUSE-2020-2179,SUSE-SLE-Product-WE-15-SP1-2020-2179,SUSE-SLE-Product-WE-15-SP2-2020-2179
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for MozillaThunderbird",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for MozillaThunderbird fixes the following issues:\n\n- Updated to Mozilla Thunderbird 68.11:\n * Fixed various security issues (MFSA-2020-35, bsc#1174538).\n * Fixed CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker (bsc#1174538).\n * Fixed CVE-2020-6514: WebRTC data channel leaks internal address to peer (bsc#1174538).\n * Fixed CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture (bsc#1174538).\n * Fixed CVE-2020-15659: Memory safety bugs fixed in Thunderbird 68.11 (bsc#1174538).\n * Fixed a bug with FileLink attachments included as a link and file when added from a network drive via drag \u0026 drop (bmo#793118).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-2179,SUSE-SLE-Product-WE-15-SP1-2020-2179,SUSE-SLE-Product-WE-15-SP2-2020-2179",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_2179-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:2179-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20202179-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:2179-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-August/007246.html"
},
{
"category": "self",
"summary": "SUSE Bug 1174538",
"url": "https://bugzilla.suse.com/1174538"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15652 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15659 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-6463 page",
"url": "https://www.suse.com/security/cve/CVE-2020-6463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-6514 page",
"url": "https://www.suse.com/security/cve/CVE-2020-6514/"
}
],
"title": "Security update for MozillaThunderbird",
"tracking": {
"current_release_date": "2020-08-10T08:06:37Z",
"generator": {
"date": "2020-08-10T08:06:37Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:2179-1",
"initial_release_date": "2020-08-10T08:06:37Z",
"revision_history": [
{
"date": "2020-08-10T08:06:37Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-68.11.0-3.91.1.aarch64",
"product": {
"name": "MozillaThunderbird-68.11.0-3.91.1.aarch64",
"product_id": "MozillaThunderbird-68.11.0-3.91.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-68.11.0-3.91.1.aarch64",
"product": {
"name": "MozillaThunderbird-translations-common-68.11.0-3.91.1.aarch64",
"product_id": "MozillaThunderbird-translations-common-68.11.0-3.91.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-68.11.0-3.91.1.aarch64",
"product": {
"name": "MozillaThunderbird-translations-other-68.11.0-3.91.1.aarch64",
"product_id": "MozillaThunderbird-translations-other-68.11.0-3.91.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-68.11.0-3.91.1.ppc64le",
"product": {
"name": "MozillaThunderbird-68.11.0-3.91.1.ppc64le",
"product_id": "MozillaThunderbird-68.11.0-3.91.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-68.11.0-3.91.1.ppc64le",
"product": {
"name": "MozillaThunderbird-translations-common-68.11.0-3.91.1.ppc64le",
"product_id": "MozillaThunderbird-translations-common-68.11.0-3.91.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-68.11.0-3.91.1.ppc64le",
"product": {
"name": "MozillaThunderbird-translations-other-68.11.0-3.91.1.ppc64le",
"product_id": "MozillaThunderbird-translations-other-68.11.0-3.91.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-68.11.0-3.91.1.s390x",
"product": {
"name": "MozillaThunderbird-68.11.0-3.91.1.s390x",
"product_id": "MozillaThunderbird-68.11.0-3.91.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-68.11.0-3.91.1.s390x",
"product": {
"name": "MozillaThunderbird-translations-common-68.11.0-3.91.1.s390x",
"product_id": "MozillaThunderbird-translations-common-68.11.0-3.91.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-68.11.0-3.91.1.s390x",
"product": {
"name": "MozillaThunderbird-translations-other-68.11.0-3.91.1.s390x",
"product_id": "MozillaThunderbird-translations-other-68.11.0-3.91.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-68.11.0-3.91.1.x86_64",
"product": {
"name": "MozillaThunderbird-68.11.0-3.91.1.x86_64",
"product_id": "MozillaThunderbird-68.11.0-3.91.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"product_id": "MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64",
"product_id": "MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP1",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP2",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-68.11.0-3.91.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP1",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-68.11.0-3.91.1.x86_64"
},
"product_reference": "MozillaThunderbird-68.11.0-3.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP1",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP1",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-68.11.0-3.91.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP2",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-68.11.0-3.91.1.x86_64"
},
"product_reference": "MozillaThunderbird-68.11.0-3.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP2",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP2",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-15652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15652"
}
],
"notes": [
{
"category": "general",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15652",
"url": "https://www.suse.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15652",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-10T08:06:37Z",
"details": "important"
}
],
"title": "CVE-2020-15652"
},
{
"cve": "CVE-2020-15659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15659"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15659",
"url": "https://www.suse.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15659",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-10T08:06:37Z",
"details": "important"
}
],
"title": "CVE-2020-15659"
},
{
"cve": "CVE-2020-6463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-6463"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-6463",
"url": "https://www.suse.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "SUSE Bug 1171975 for CVE-2020-6463",
"url": "https://bugzilla.suse.com/1171975"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-6463",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-10T08:06:37Z",
"details": "moderate"
}
],
"title": "CVE-2020-6463"
},
{
"cve": "CVE-2020-6514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-6514"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-6514",
"url": "https://www.suse.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "SUSE Bug 1174189 for CVE-2020-6514",
"url": "https://bugzilla.suse.com/1174189"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-6514",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP1:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-common-68.11.0-3.91.1.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP2:MozillaThunderbird-translations-other-68.11.0-3.91.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-10T08:06:37Z",
"details": "important"
}
],
"title": "CVE-2020-6514"
}
]
}
suse-su-2020:14456-1
Vulnerability from csaf_suse
Published
2020-08-18 10:11
Modified
2020-08-18 10:11
Summary
Security update for MozillaFirefox
Notes
Title of the patch
Security update for MozillaFirefox
Description of the patch
This update for MozillaFirefox fixes the following issues:
- Fix broken translation-loading (boo#1173991)
* allow addon sideloading
* mark signatures for langpacks non-mandatory
* do not autodisable user profile scopes
- Google API key is not usable for geolocation service any more
- Mozilla Firefox 78.1 ESR
* Fixed: Various stability, functionality, and security fixe
(MFSA 2020-32) (bsc#1174538).
* CVE-2020-15652 (bmo#1634872)
Potential leak of redirect targets when loading scripts in a
worker
* CVE-2020-6514 (bmo#1642792)
WebRTC data channel leaks internal address to peer
* CVE-2020-15655 (bmo#1645204)
Extension APIs could be used to bypass Same-Origin Policy
* CVE-2020-15653 (bmo#1521542)
Bypassing iframe sandbox when allowing popups
* CVE-2020-6463 (bmo#1635293)
Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
* CVE-2020-15656 (bmo#1647293)
Type confusion for special arguments in IonMonkey
* CVE-2020-15658 (bmo#1637745)
Overriding file type when saving to disk
* CVE-2020-15657 (bmo#1644954)
DLL hijacking due to incorrect loading path
* CVE-2020-15654 (bmo#1648333)
Custom cursor can overlay user interface
* CVE-2020-15659 (bmo#1550133, bmo#1633880, bmo#1643613,
bmo#1644839, bmo#1645835, bmo#1646006, bmo#1646787,
bmo#1649347, bmo#1650811, bmo#1651678)
Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1
- Add sle11-icu-generation-python3.patch to fix icu-generation
on big endian platforms
- Mozilla Firefox 78.0.2 ESR
* MFSA 2020-28 (bsc#1173948)
* MFSA-2020-0003 (bmo#1644076)
X-Frame-Options bypass using object or embed tags
* Fixed: Fixed an accessibility regression in reader mode
(bmo#1650922)
* Fixed: Made the address bar more resilient to data corruption
in the user profile (bmo#1649981)
* Fixed: Fixed a regression opening certain external
applications (bmo#1650162)
Patchnames
slessp4-MozillaFirefox-14456
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for MozillaFirefox",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for MozillaFirefox fixes the following issues:\n\n- Fix broken translation-loading (boo#1173991) \n * allow addon sideloading\n * mark signatures for langpacks non-mandatory\n * do not autodisable user profile scopes\n- Google API key is not usable for geolocation service any more\n\n- Mozilla Firefox 78.1 ESR\n * Fixed: Various stability, functionality, and security fixe\n (MFSA 2020-32) (bsc#1174538).\n * CVE-2020-15652 (bmo#1634872)\n Potential leak of redirect targets when loading scripts in a\n worker\n * CVE-2020-6514 (bmo#1642792)\n WebRTC data channel leaks internal address to peer\n * CVE-2020-15655 (bmo#1645204)\n Extension APIs could be used to bypass Same-Origin Policy\n * CVE-2020-15653 (bmo#1521542)\n Bypassing iframe sandbox when allowing popups\n * CVE-2020-6463 (bmo#1635293)\n Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture\n * CVE-2020-15656 (bmo#1647293)\n Type confusion for special arguments in IonMonkey\n * CVE-2020-15658 (bmo#1637745)\n Overriding file type when saving to disk\n * CVE-2020-15657 (bmo#1644954)\n DLL hijacking due to incorrect loading path\n * CVE-2020-15654 (bmo#1648333)\n Custom cursor can overlay user interface\n * CVE-2020-15659 (bmo#1550133, bmo#1633880, bmo#1643613,\n bmo#1644839, bmo#1645835, bmo#1646006, bmo#1646787,\n bmo#1649347, bmo#1650811, bmo#1651678)\n Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1\n\n- Add sle11-icu-generation-python3.patch to fix icu-generation\n on big endian platforms \n\n- Mozilla Firefox 78.0.2 ESR\n * MFSA 2020-28 (bsc#1173948)\n * MFSA-2020-0003 (bmo#1644076)\n X-Frame-Options bypass using object or embed tags\n * Fixed: Fixed an accessibility regression in reader mode\n (bmo#1650922)\n * Fixed: Made the address bar more resilient to data corruption\n in the user profile (bmo#1649981)\n * Fixed: Fixed a regression opening certain external\n applications (bmo#1650162)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "slessp4-MozillaFirefox-14456",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_14456-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:14456-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-202014456-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:14456-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-August/007275.html"
},
{
"category": "self",
"summary": "SUSE Bug 1173948",
"url": "https://bugzilla.suse.com/1173948"
},
{
"category": "self",
"summary": "SUSE Bug 1173991",
"url": "https://bugzilla.suse.com/1173991"
},
{
"category": "self",
"summary": "SUSE Bug 1174538",
"url": "https://bugzilla.suse.com/1174538"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15652 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15653 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15654 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15655 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15656 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15657 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15657/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15658 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15659 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-6463 page",
"url": "https://www.suse.com/security/cve/CVE-2020-6463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-6514 page",
"url": "https://www.suse.com/security/cve/CVE-2020-6514/"
}
],
"title": "Security update for MozillaFirefox",
"tracking": {
"current_release_date": "2020-08-18T10:11:12Z",
"generator": {
"date": "2020-08-18T10:11:12Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:14456-1",
"initial_release_date": "2020-08-18T10:11:12Z",
"revision_history": [
{
"date": "2020-08-18T10:11:12Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-78.1.0-78.87.1.x86_64",
"product": {
"name": "MozillaFirefox-78.1.0-78.87.1.x86_64",
"product_id": "MozillaFirefox-78.1.0-78.87.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"product_id": "MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64",
"product_id": "MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_sles:11:sp4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-78.87.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-78.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS",
"product_id": "SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 11 SP4-LTSS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-15652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15652"
}
],
"notes": [
{
"category": "general",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15652",
"url": "https://www.suse.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15652",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-18T10:11:12Z",
"details": "important"
}
],
"title": "CVE-2020-15652"
},
{
"cve": "CVE-2020-15653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15653"
}
],
"notes": [
{
"category": "general",
"text": "An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15653",
"url": "https://www.suse.com/security/cve/CVE-2020-15653"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15653",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-18T10:11:12Z",
"details": "important"
}
],
"title": "CVE-2020-15653"
},
{
"cve": "CVE-2020-15654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15654"
}
],
"notes": [
{
"category": "general",
"text": "When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15654",
"url": "https://www.suse.com/security/cve/CVE-2020-15654"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15654",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-18T10:11:12Z",
"details": "important"
}
],
"title": "CVE-2020-15654"
},
{
"cve": "CVE-2020-15655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15655"
}
],
"notes": [
{
"category": "general",
"text": "A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15655",
"url": "https://www.suse.com/security/cve/CVE-2020-15655"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15655",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-18T10:11:12Z",
"details": "important"
}
],
"title": "CVE-2020-15655"
},
{
"cve": "CVE-2020-15656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15656"
}
],
"notes": [
{
"category": "general",
"text": "JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15656",
"url": "https://www.suse.com/security/cve/CVE-2020-15656"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15656",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-18T10:11:12Z",
"details": "important"
}
],
"title": "CVE-2020-15656"
},
{
"cve": "CVE-2020-15657",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15657"
}
],
"notes": [
{
"category": "general",
"text": "Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15657",
"url": "https://www.suse.com/security/cve/CVE-2020-15657"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15657",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-18T10:11:12Z",
"details": "important"
}
],
"title": "CVE-2020-15657"
},
{
"cve": "CVE-2020-15658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15658"
}
],
"notes": [
{
"category": "general",
"text": "The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15658",
"url": "https://www.suse.com/security/cve/CVE-2020-15658"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15658",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-18T10:11:12Z",
"details": "important"
}
],
"title": "CVE-2020-15658"
},
{
"cve": "CVE-2020-15659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15659"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15659",
"url": "https://www.suse.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15659",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-18T10:11:12Z",
"details": "important"
}
],
"title": "CVE-2020-15659"
},
{
"cve": "CVE-2020-6463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-6463"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-6463",
"url": "https://www.suse.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "SUSE Bug 1171975 for CVE-2020-6463",
"url": "https://bugzilla.suse.com/1171975"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-6463",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-18T10:11:12Z",
"details": "moderate"
}
],
"title": "CVE-2020-6463"
},
{
"cve": "CVE-2020-6514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-6514"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-6514",
"url": "https://www.suse.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "SUSE Bug 1174189 for CVE-2020-6514",
"url": "https://bugzilla.suse.com/1174189"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-6514",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-common-78.1.0-78.87.1.x86_64",
"SUSE Linux Enterprise Server 11 SP4-LTSS:MozillaFirefox-translations-other-78.1.0-78.87.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-18T10:11:12Z",
"details": "important"
}
],
"title": "CVE-2020-6514"
}
]
}
suse-su-2020:2147-1
Vulnerability from csaf_suse
Published
2020-08-06 11:36
Modified
2020-08-06 11:36
Summary
Security update for MozillaFirefox
Notes
Title of the patch
Security update for MozillaFirefox
Description of the patch
This update for MozillaFirefox fixes the following issues:
This update for MozillaFirefox and pipewire fixes the following issues:
MozillaFirefox Extended Support Release 78.1.0 ESR
* Fixed: Various stability, functionality, and security fixes (bsc#1174538)
* CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker
* CVE-2020-6514: WebRTC data channel leaks internal address to peer
* CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy
* CVE-2020-15653: Bypassing iframe sandbox when allowing popups
* CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
* CVE-2020-15656: Type confusion for special arguments in IonMonkey
* CVE-2020-15658: Overriding file type when saving to disk
* CVE-2020-15657: DLL hijacking due to incorrect loading path
* CVE-2020-15654: Custom cursor can overlay user interface
* CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1
pipewire was updated to version 0.3.6 (bsc#1171433, jsc#ECO-2308):
* Extensive memory leak fixing and stress testing was done.
A big leak in screen sharing with DMA-BUF was fixed.
* Compile fixes
* Stability improvements in jack and pulseaudio layers.
* Added the old portal module to make the Camera portal
work again. This will be moved to the session manager in
future versions.
* Improvements to the GStreamer source and sink shutdown.
* Fix compatibility with v2 clients again when negotiating
buffers.
Patchnames
SUSE-2020-2147,SUSE-SLE-Module-Desktop-Applications-15-SP2-2020-2147
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for MozillaFirefox",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for MozillaFirefox fixes the following issues:\n\nThis update for MozillaFirefox and pipewire fixes the following issues:\n\nMozillaFirefox Extended Support Release 78.1.0 ESR\n\n* Fixed: Various stability, functionality, and security fixes (bsc#1174538)\n* CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker\n* CVE-2020-6514: WebRTC data channel leaks internal address to peer\n* CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy\n* CVE-2020-15653: Bypassing iframe sandbox when allowing popups\n* CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture\n* CVE-2020-15656: Type confusion for special arguments in IonMonkey\n* CVE-2020-15658: Overriding file type when saving to disk\n* CVE-2020-15657: DLL hijacking due to incorrect loading path\n* CVE-2020-15654: Custom cursor can overlay user interface\n* CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1\n\npipewire was updated to version 0.3.6 (bsc#1171433, jsc#ECO-2308):\n\n* Extensive memory leak fixing and stress testing was done.\n A big leak in screen sharing with DMA-BUF was fixed.\n* Compile fixes\n* Stability improvements in jack and pulseaudio layers.\n* Added the old portal module to make the Camera portal\n work again. This will be moved to the session manager in\n future versions.\n* Improvements to the GStreamer source and sink shutdown.\n* Fix compatibility with v2 clients again when negotiating\n buffers.\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-2147,SUSE-SLE-Module-Desktop-Applications-15-SP2-2020-2147",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_2147-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:2147-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20202147-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:2147-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-August/007233.html"
},
{
"category": "self",
"summary": "SUSE Bug 1171433",
"url": "https://bugzilla.suse.com/1171433"
},
{
"category": "self",
"summary": "SUSE Bug 1174538",
"url": "https://bugzilla.suse.com/1174538"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15652 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15653 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15654 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15655 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15656 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15657 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15657/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15658 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15659 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-6463 page",
"url": "https://www.suse.com/security/cve/CVE-2020-6463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-6514 page",
"url": "https://www.suse.com/security/cve/CVE-2020-6514/"
}
],
"title": "Security update for MozillaFirefox",
"tracking": {
"current_release_date": "2020-08-06T11:36:05Z",
"generator": {
"date": "2020-08-06T11:36:05Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:2147-1",
"initial_release_date": "2020-08-06T11:36:05Z",
"revision_history": [
{
"date": "2020-08-06T11:36:05Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-78.1.0-8.3.1.aarch64",
"product": {
"name": "MozillaFirefox-78.1.0-8.3.1.aarch64",
"product_id": "MozillaFirefox-78.1.0-8.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"product": {
"name": "MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"product_id": "MozillaFirefox-branding-SLE-78-9.2.4.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-78.1.0-8.3.1.aarch64",
"product": {
"name": "MozillaFirefox-branding-upstream-78.1.0-8.3.1.aarch64",
"product_id": "MozillaFirefox-branding-upstream-78.1.0-8.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"product": {
"name": "MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"product_id": "MozillaFirefox-devel-78.1.0-8.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"product_id": "MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"product_id": "MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugin-pipewire-0.3.6-3.3.2.aarch64",
"product": {
"name": "gstreamer-plugin-pipewire-0.3.6-3.3.2.aarch64",
"product_id": "gstreamer-plugin-pipewire-0.3.6-3.3.2.aarch64"
}
},
{
"category": "product_version",
"name": "libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"product": {
"name": "libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"product_id": "libpipewire-0_3-0-0.3.6-3.3.2.aarch64"
}
},
{
"category": "product_version",
"name": "pipewire-0.3.6-3.3.2.aarch64",
"product": {
"name": "pipewire-0.3.6-3.3.2.aarch64",
"product_id": "pipewire-0.3.6-3.3.2.aarch64"
}
},
{
"category": "product_version",
"name": "pipewire-devel-0.3.6-3.3.2.aarch64",
"product": {
"name": "pipewire-devel-0.3.6-3.3.2.aarch64",
"product_id": "pipewire-devel-0.3.6-3.3.2.aarch64"
}
},
{
"category": "product_version",
"name": "pipewire-doc-0.3.6-3.3.2.aarch64",
"product": {
"name": "pipewire-doc-0.3.6-3.3.2.aarch64",
"product_id": "pipewire-doc-0.3.6-3.3.2.aarch64"
}
},
{
"category": "product_version",
"name": "pipewire-libjack-0_3-0.3.6-3.3.2.aarch64",
"product": {
"name": "pipewire-libjack-0_3-0.3.6-3.3.2.aarch64",
"product_id": "pipewire-libjack-0_3-0.3.6-3.3.2.aarch64"
}
},
{
"category": "product_version",
"name": "pipewire-libpulse-0_3-0.3.6-3.3.2.aarch64",
"product": {
"name": "pipewire-libpulse-0_3-0.3.6-3.3.2.aarch64",
"product_id": "pipewire-libpulse-0_3-0.3.6-3.3.2.aarch64"
}
},
{
"category": "product_version",
"name": "pipewire-modules-0.3.6-3.3.2.aarch64",
"product": {
"name": "pipewire-modules-0.3.6-3.3.2.aarch64",
"product_id": "pipewire-modules-0.3.6-3.3.2.aarch64"
}
},
{
"category": "product_version",
"name": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"product": {
"name": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"product_id": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64"
}
},
{
"category": "product_version",
"name": "pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"product": {
"name": "pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"product_id": "pipewire-spa-tools-0.3.6-3.3.2.aarch64"
}
},
{
"category": "product_version",
"name": "pipewire-tools-0.3.6-3.3.2.aarch64",
"product": {
"name": "pipewire-tools-0.3.6-3.3.2.aarch64",
"product_id": "pipewire-tools-0.3.6-3.3.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-branding-SLE-78-9.2.4.i586",
"product": {
"name": "MozillaFirefox-branding-SLE-78-9.2.4.i586",
"product_id": "MozillaFirefox-branding-SLE-78-9.2.4.i586"
}
},
{
"category": "product_version",
"name": "gstreamer-plugin-pipewire-0.3.6-3.3.2.i586",
"product": {
"name": "gstreamer-plugin-pipewire-0.3.6-3.3.2.i586",
"product_id": "gstreamer-plugin-pipewire-0.3.6-3.3.2.i586"
}
},
{
"category": "product_version",
"name": "libpipewire-0_3-0-0.3.6-3.3.2.i586",
"product": {
"name": "libpipewire-0_3-0-0.3.6-3.3.2.i586",
"product_id": "libpipewire-0_3-0-0.3.6-3.3.2.i586"
}
},
{
"category": "product_version",
"name": "pipewire-0.3.6-3.3.2.i586",
"product": {
"name": "pipewire-0.3.6-3.3.2.i586",
"product_id": "pipewire-0.3.6-3.3.2.i586"
}
},
{
"category": "product_version",
"name": "pipewire-devel-0.3.6-3.3.2.i586",
"product": {
"name": "pipewire-devel-0.3.6-3.3.2.i586",
"product_id": "pipewire-devel-0.3.6-3.3.2.i586"
}
},
{
"category": "product_version",
"name": "pipewire-doc-0.3.6-3.3.2.i586",
"product": {
"name": "pipewire-doc-0.3.6-3.3.2.i586",
"product_id": "pipewire-doc-0.3.6-3.3.2.i586"
}
},
{
"category": "product_version",
"name": "pipewire-libjack-0_3-0.3.6-3.3.2.i586",
"product": {
"name": "pipewire-libjack-0_3-0.3.6-3.3.2.i586",
"product_id": "pipewire-libjack-0_3-0.3.6-3.3.2.i586"
}
},
{
"category": "product_version",
"name": "pipewire-libpulse-0_3-0.3.6-3.3.2.i586",
"product": {
"name": "pipewire-libpulse-0_3-0.3.6-3.3.2.i586",
"product_id": "pipewire-libpulse-0_3-0.3.6-3.3.2.i586"
}
},
{
"category": "product_version",
"name": "pipewire-modules-0.3.6-3.3.2.i586",
"product": {
"name": "pipewire-modules-0.3.6-3.3.2.i586",
"product_id": "pipewire-modules-0.3.6-3.3.2.i586"
}
},
{
"category": "product_version",
"name": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.i586",
"product": {
"name": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.i586",
"product_id": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.i586"
}
},
{
"category": "product_version",
"name": "pipewire-spa-tools-0.3.6-3.3.2.i586",
"product": {
"name": "pipewire-spa-tools-0.3.6-3.3.2.i586",
"product_id": "pipewire-spa-tools-0.3.6-3.3.2.i586"
}
},
{
"category": "product_version",
"name": "pipewire-tools-0.3.6-3.3.2.i586",
"product": {
"name": "pipewire-tools-0.3.6-3.3.2.i586",
"product_id": "pipewire-tools-0.3.6-3.3.2.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-78.1.0-8.3.1.i686",
"product": {
"name": "MozillaFirefox-78.1.0-8.3.1.i686",
"product_id": "MozillaFirefox-78.1.0-8.3.1.i686"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-78.1.0-8.3.1.i686",
"product": {
"name": "MozillaFirefox-branding-upstream-78.1.0-8.3.1.i686",
"product_id": "MozillaFirefox-branding-upstream-78.1.0-8.3.1.i686"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-buildsymbols-78.1.0-8.3.1.i686",
"product": {
"name": "MozillaFirefox-buildsymbols-78.1.0-8.3.1.i686",
"product_id": "MozillaFirefox-buildsymbols-78.1.0-8.3.1.i686"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-78.1.0-8.3.1.i686",
"product": {
"name": "MozillaFirefox-devel-78.1.0-8.3.1.i686",
"product_id": "MozillaFirefox-devel-78.1.0-8.3.1.i686"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-78.1.0-8.3.1.i686",
"product": {
"name": "MozillaFirefox-translations-common-78.1.0-8.3.1.i686",
"product_id": "MozillaFirefox-translations-common-78.1.0-8.3.1.i686"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-78.1.0-8.3.1.i686",
"product": {
"name": "MozillaFirefox-translations-other-78.1.0-8.3.1.i686",
"product_id": "MozillaFirefox-translations-other-78.1.0-8.3.1.i686"
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-78.1.0-8.3.1.ppc64le",
"product": {
"name": "MozillaFirefox-78.1.0-8.3.1.ppc64le",
"product_id": "MozillaFirefox-78.1.0-8.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"product": {
"name": "MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"product_id": "MozillaFirefox-branding-SLE-78-9.2.4.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-78.1.0-8.3.1.ppc64le",
"product": {
"name": "MozillaFirefox-branding-upstream-78.1.0-8.3.1.ppc64le",
"product_id": "MozillaFirefox-branding-upstream-78.1.0-8.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"product": {
"name": "MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"product_id": "MozillaFirefox-devel-78.1.0-8.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"product_id": "MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"product_id": "MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "gstreamer-plugin-pipewire-0.3.6-3.3.2.ppc64le",
"product": {
"name": "gstreamer-plugin-pipewire-0.3.6-3.3.2.ppc64le",
"product_id": "gstreamer-plugin-pipewire-0.3.6-3.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"product": {
"name": "libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"product_id": "libpipewire-0_3-0-0.3.6-3.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "pipewire-0.3.6-3.3.2.ppc64le",
"product": {
"name": "pipewire-0.3.6-3.3.2.ppc64le",
"product_id": "pipewire-0.3.6-3.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "pipewire-devel-0.3.6-3.3.2.ppc64le",
"product": {
"name": "pipewire-devel-0.3.6-3.3.2.ppc64le",
"product_id": "pipewire-devel-0.3.6-3.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "pipewire-doc-0.3.6-3.3.2.ppc64le",
"product": {
"name": "pipewire-doc-0.3.6-3.3.2.ppc64le",
"product_id": "pipewire-doc-0.3.6-3.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "pipewire-libjack-0_3-0.3.6-3.3.2.ppc64le",
"product": {
"name": "pipewire-libjack-0_3-0.3.6-3.3.2.ppc64le",
"product_id": "pipewire-libjack-0_3-0.3.6-3.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "pipewire-libpulse-0_3-0.3.6-3.3.2.ppc64le",
"product": {
"name": "pipewire-libpulse-0_3-0.3.6-3.3.2.ppc64le",
"product_id": "pipewire-libpulse-0_3-0.3.6-3.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "pipewire-modules-0.3.6-3.3.2.ppc64le",
"product": {
"name": "pipewire-modules-0.3.6-3.3.2.ppc64le",
"product_id": "pipewire-modules-0.3.6-3.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"product": {
"name": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"product_id": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"product": {
"name": "pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"product_id": "pipewire-spa-tools-0.3.6-3.3.2.ppc64le"
}
},
{
"category": "product_version",
"name": "pipewire-tools-0.3.6-3.3.2.ppc64le",
"product": {
"name": "pipewire-tools-0.3.6-3.3.2.ppc64le",
"product_id": "pipewire-tools-0.3.6-3.3.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-78.1.0-8.3.1.s390x",
"product": {
"name": "MozillaFirefox-78.1.0-8.3.1.s390x",
"product_id": "MozillaFirefox-78.1.0-8.3.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"product": {
"name": "MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"product_id": "MozillaFirefox-branding-SLE-78-9.2.4.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-78.1.0-8.3.1.s390x",
"product": {
"name": "MozillaFirefox-branding-upstream-78.1.0-8.3.1.s390x",
"product_id": "MozillaFirefox-branding-upstream-78.1.0-8.3.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-78.1.0-8.3.1.s390x",
"product": {
"name": "MozillaFirefox-devel-78.1.0-8.3.1.s390x",
"product_id": "MozillaFirefox-devel-78.1.0-8.3.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"product": {
"name": "MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"product_id": "MozillaFirefox-translations-common-78.1.0-8.3.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"product": {
"name": "MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"product_id": "MozillaFirefox-translations-other-78.1.0-8.3.1.s390x"
}
},
{
"category": "product_version",
"name": "gstreamer-plugin-pipewire-0.3.6-3.3.2.s390x",
"product": {
"name": "gstreamer-plugin-pipewire-0.3.6-3.3.2.s390x",
"product_id": "gstreamer-plugin-pipewire-0.3.6-3.3.2.s390x"
}
},
{
"category": "product_version",
"name": "libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"product": {
"name": "libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"product_id": "libpipewire-0_3-0-0.3.6-3.3.2.s390x"
}
},
{
"category": "product_version",
"name": "pipewire-0.3.6-3.3.2.s390x",
"product": {
"name": "pipewire-0.3.6-3.3.2.s390x",
"product_id": "pipewire-0.3.6-3.3.2.s390x"
}
},
{
"category": "product_version",
"name": "pipewire-devel-0.3.6-3.3.2.s390x",
"product": {
"name": "pipewire-devel-0.3.6-3.3.2.s390x",
"product_id": "pipewire-devel-0.3.6-3.3.2.s390x"
}
},
{
"category": "product_version",
"name": "pipewire-doc-0.3.6-3.3.2.s390x",
"product": {
"name": "pipewire-doc-0.3.6-3.3.2.s390x",
"product_id": "pipewire-doc-0.3.6-3.3.2.s390x"
}
},
{
"category": "product_version",
"name": "pipewire-libjack-0_3-0.3.6-3.3.2.s390x",
"product": {
"name": "pipewire-libjack-0_3-0.3.6-3.3.2.s390x",
"product_id": "pipewire-libjack-0_3-0.3.6-3.3.2.s390x"
}
},
{
"category": "product_version",
"name": "pipewire-libpulse-0_3-0.3.6-3.3.2.s390x",
"product": {
"name": "pipewire-libpulse-0_3-0.3.6-3.3.2.s390x",
"product_id": "pipewire-libpulse-0_3-0.3.6-3.3.2.s390x"
}
},
{
"category": "product_version",
"name": "pipewire-modules-0.3.6-3.3.2.s390x",
"product": {
"name": "pipewire-modules-0.3.6-3.3.2.s390x",
"product_id": "pipewire-modules-0.3.6-3.3.2.s390x"
}
},
{
"category": "product_version",
"name": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"product": {
"name": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"product_id": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x"
}
},
{
"category": "product_version",
"name": "pipewire-spa-tools-0.3.6-3.3.2.s390x",
"product": {
"name": "pipewire-spa-tools-0.3.6-3.3.2.s390x",
"product_id": "pipewire-spa-tools-0.3.6-3.3.2.s390x"
}
},
{
"category": "product_version",
"name": "pipewire-tools-0.3.6-3.3.2.s390x",
"product": {
"name": "pipewire-tools-0.3.6-3.3.2.s390x",
"product_id": "pipewire-tools-0.3.6-3.3.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-78.1.0-8.3.1.x86_64",
"product": {
"name": "MozillaFirefox-78.1.0-8.3.1.x86_64",
"product_id": "MozillaFirefox-78.1.0-8.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"product": {
"name": "MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"product_id": "MozillaFirefox-branding-SLE-78-9.2.4.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-78.1.0-8.3.1.x86_64",
"product": {
"name": "MozillaFirefox-branding-upstream-78.1.0-8.3.1.x86_64",
"product_id": "MozillaFirefox-branding-upstream-78.1.0-8.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-buildsymbols-78.1.0-8.3.1.x86_64",
"product": {
"name": "MozillaFirefox-buildsymbols-78.1.0-8.3.1.x86_64",
"product_id": "MozillaFirefox-buildsymbols-78.1.0-8.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"product": {
"name": "MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"product_id": "MozillaFirefox-devel-78.1.0-8.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"product_id": "MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"product_id": "MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "gstreamer-plugin-pipewire-0.3.6-3.3.2.x86_64",
"product": {
"name": "gstreamer-plugin-pipewire-0.3.6-3.3.2.x86_64",
"product_id": "gstreamer-plugin-pipewire-0.3.6-3.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"product": {
"name": "libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"product_id": "libpipewire-0_3-0-0.3.6-3.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "pipewire-0.3.6-3.3.2.x86_64",
"product": {
"name": "pipewire-0.3.6-3.3.2.x86_64",
"product_id": "pipewire-0.3.6-3.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "pipewire-devel-0.3.6-3.3.2.x86_64",
"product": {
"name": "pipewire-devel-0.3.6-3.3.2.x86_64",
"product_id": "pipewire-devel-0.3.6-3.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "pipewire-doc-0.3.6-3.3.2.x86_64",
"product": {
"name": "pipewire-doc-0.3.6-3.3.2.x86_64",
"product_id": "pipewire-doc-0.3.6-3.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "pipewire-libjack-0_3-0.3.6-3.3.2.x86_64",
"product": {
"name": "pipewire-libjack-0_3-0.3.6-3.3.2.x86_64",
"product_id": "pipewire-libjack-0_3-0.3.6-3.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "pipewire-libpulse-0_3-0.3.6-3.3.2.x86_64",
"product": {
"name": "pipewire-libpulse-0_3-0.3.6-3.3.2.x86_64",
"product_id": "pipewire-libpulse-0_3-0.3.6-3.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "pipewire-modules-0.3.6-3.3.2.x86_64",
"product": {
"name": "pipewire-modules-0.3.6-3.3.2.x86_64",
"product_id": "pipewire-modules-0.3.6-3.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"product": {
"name": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"product_id": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"product": {
"name": "pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"product_id": "pipewire-spa-tools-0.3.6-3.3.2.x86_64"
}
},
{
"category": "product_version",
"name": "pipewire-tools-0.3.6-3.3.2.x86_64",
"product": {
"name": "pipewire-tools-0.3.6-3.3.2.x86_64",
"product_id": "pipewire-tools-0.3.6-3.3.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-desktop-applications:15:sp2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-8.3.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64"
},
"product_reference": "MozillaFirefox-78.1.0-8.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-8.3.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le"
},
"product_reference": "MozillaFirefox-78.1.0-8.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-8.3.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x"
},
"product_reference": "MozillaFirefox-78.1.0-8.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-8.3.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-8.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-SLE-78-9.2.4.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64"
},
"product_reference": "MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-SLE-78-9.2.4.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le"
},
"product_reference": "MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-SLE-78-9.2.4.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x"
},
"product_reference": "MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-SLE-78-9.2.4.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64"
},
"product_reference": "MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-8.3.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-8.3.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le"
},
"product_reference": "MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-8.3.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-8.3.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-78.1.0-8.3.1.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x"
},
"product_reference": "MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpipewire-0_3-0-0.3.6-3.3.2.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64"
},
"product_reference": "libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpipewire-0_3-0-0.3.6-3.3.2.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le"
},
"product_reference": "libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpipewire-0_3-0-0.3.6-3.3.2.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x"
},
"product_reference": "libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libpipewire-0_3-0-0.3.6-3.3.2.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64"
},
"product_reference": "libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-0.3.6-3.3.2.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64"
},
"product_reference": "pipewire-0.3.6-3.3.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-0.3.6-3.3.2.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le"
},
"product_reference": "pipewire-0.3.6-3.3.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-0.3.6-3.3.2.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x"
},
"product_reference": "pipewire-0.3.6-3.3.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-0.3.6-3.3.2.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64"
},
"product_reference": "pipewire-0.3.6-3.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-modules-0.3.6-3.3.2.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64"
},
"product_reference": "pipewire-modules-0.3.6-3.3.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-modules-0.3.6-3.3.2.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le"
},
"product_reference": "pipewire-modules-0.3.6-3.3.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-modules-0.3.6-3.3.2.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x"
},
"product_reference": "pipewire-modules-0.3.6-3.3.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-modules-0.3.6-3.3.2.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64"
},
"product_reference": "pipewire-modules-0.3.6-3.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64"
},
"product_reference": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le"
},
"product_reference": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x"
},
"product_reference": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64"
},
"product_reference": "pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-spa-tools-0.3.6-3.3.2.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64"
},
"product_reference": "pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-spa-tools-0.3.6-3.3.2.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le"
},
"product_reference": "pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-spa-tools-0.3.6-3.3.2.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x"
},
"product_reference": "pipewire-spa-tools-0.3.6-3.3.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-spa-tools-0.3.6-3.3.2.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64"
},
"product_reference": "pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-tools-0.3.6-3.3.2.aarch64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64"
},
"product_reference": "pipewire-tools-0.3.6-3.3.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-tools-0.3.6-3.3.2.ppc64le as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le"
},
"product_reference": "pipewire-tools-0.3.6-3.3.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-tools-0.3.6-3.3.2.s390x as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x"
},
"product_reference": "pipewire-tools-0.3.6-3.3.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "pipewire-tools-0.3.6-3.3.2.x86_64 as component of SUSE Linux Enterprise Module for Desktop Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
},
"product_reference": "pipewire-tools-0.3.6-3.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Desktop Applications 15 SP2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-15652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15652"
}
],
"notes": [
{
"category": "general",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15652",
"url": "https://www.suse.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15652",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-06T11:36:05Z",
"details": "important"
}
],
"title": "CVE-2020-15652"
},
{
"cve": "CVE-2020-15653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15653"
}
],
"notes": [
{
"category": "general",
"text": "An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15653",
"url": "https://www.suse.com/security/cve/CVE-2020-15653"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15653",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-06T11:36:05Z",
"details": "important"
}
],
"title": "CVE-2020-15653"
},
{
"cve": "CVE-2020-15654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15654"
}
],
"notes": [
{
"category": "general",
"text": "When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15654",
"url": "https://www.suse.com/security/cve/CVE-2020-15654"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15654",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-06T11:36:05Z",
"details": "important"
}
],
"title": "CVE-2020-15654"
},
{
"cve": "CVE-2020-15655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15655"
}
],
"notes": [
{
"category": "general",
"text": "A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15655",
"url": "https://www.suse.com/security/cve/CVE-2020-15655"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15655",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-06T11:36:05Z",
"details": "important"
}
],
"title": "CVE-2020-15655"
},
{
"cve": "CVE-2020-15656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15656"
}
],
"notes": [
{
"category": "general",
"text": "JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15656",
"url": "https://www.suse.com/security/cve/CVE-2020-15656"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15656",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-06T11:36:05Z",
"details": "important"
}
],
"title": "CVE-2020-15656"
},
{
"cve": "CVE-2020-15657",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15657"
}
],
"notes": [
{
"category": "general",
"text": "Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15657",
"url": "https://www.suse.com/security/cve/CVE-2020-15657"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15657",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-06T11:36:05Z",
"details": "important"
}
],
"title": "CVE-2020-15657"
},
{
"cve": "CVE-2020-15658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15658"
}
],
"notes": [
{
"category": "general",
"text": "The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15658",
"url": "https://www.suse.com/security/cve/CVE-2020-15658"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15658",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-06T11:36:05Z",
"details": "important"
}
],
"title": "CVE-2020-15658"
},
{
"cve": "CVE-2020-15659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15659"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15659",
"url": "https://www.suse.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15659",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-06T11:36:05Z",
"details": "important"
}
],
"title": "CVE-2020-15659"
},
{
"cve": "CVE-2020-6463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-6463"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-6463",
"url": "https://www.suse.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "SUSE Bug 1171975 for CVE-2020-6463",
"url": "https://bugzilla.suse.com/1171975"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-6463",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-06T11:36:05Z",
"details": "moderate"
}
],
"title": "CVE-2020-6463"
},
{
"cve": "CVE-2020-6514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-6514"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-6514",
"url": "https://www.suse.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "SUSE Bug 1174189 for CVE-2020-6514",
"url": "https://bugzilla.suse.com/1174189"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-6514",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-branding-SLE-78-9.2.4.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-devel-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-common-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:MozillaFirefox-translations-other-78.1.0-8.3.1.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:libpipewire-0_3-0-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-modules-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-plugins-0_2-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-spa-tools-0.3.6-3.3.2.x86_64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.aarch64",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.ppc64le",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.s390x",
"SUSE Linux Enterprise Module for Desktop Applications 15 SP2:pipewire-tools-0.3.6-3.3.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-06T11:36:05Z",
"details": "important"
}
],
"title": "CVE-2020-6514"
}
]
}
opensuse-su-2020:1147-1
Vulnerability from csaf_opensuse
Published
2020-08-05 07:40
Modified
2020-08-05 07:40
Summary
Security update for MozillaFirefox
Notes
Title of the patch
Security update for MozillaFirefox
Description of the patch
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 78.1.0 ESR
* Fixed: Various stability, functionality, and security fixes (bsc#1174538)
* CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker
* CVE-2020-6514: WebRTC data channel leaks internal address to peer
* CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy
* CVE-2020-15653: Bypassing iframe sandbox when allowing popups
* CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture
* CVE-2020-15656: Type confusion for special arguments in IonMonkey
* CVE-2020-15658: Overriding file type when saving to disk
* CVE-2020-15657: DLL hijacking due to incorrect loading path
* CVE-2020-15654: Custom cursor can overlay user interface
* CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2020-1147
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for MozillaFirefox",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for MozillaFirefox fixes the following issues:\n\n- Firefox Extended Support Release 78.1.0 ESR\n * Fixed: Various stability, functionality, and security fixes (bsc#1174538)\n * CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker\n * CVE-2020-6514: WebRTC data channel leaks internal address to peer\n * CVE-2020-15655: Extension APIs could be used to bypass Same-Origin Policy\n * CVE-2020-15653: Bypassing iframe sandbox when allowing popups\n * CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture\n * CVE-2020-15656: Type confusion for special arguments in IonMonkey\n * CVE-2020-15658: Overriding file type when saving to disk\n * CVE-2020-15657: DLL hijacking due to incorrect loading path\n * CVE-2020-15654: Custom cursor can overlay user interface\n * CVE-2020-15659: Memory safety bugs fixed in Firefox 79 and Firefox ESR 78.1\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-1147",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1147-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:1147-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5DGEDDAZOZ3MVQ6CTQDOF3OY2ZULXYVT/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:1147-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5DGEDDAZOZ3MVQ6CTQDOF3OY2ZULXYVT/"
},
{
"category": "self",
"summary": "SUSE Bug 1174538",
"url": "https://bugzilla.suse.com/1174538"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15652 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15653 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15653/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15654 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15654/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15655 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15656 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15656/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15657 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15657/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15658 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15658/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15659 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-6463 page",
"url": "https://www.suse.com/security/cve/CVE-2020-6463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-6514 page",
"url": "https://www.suse.com/security/cve/CVE-2020-6514/"
}
],
"title": "Security update for MozillaFirefox",
"tracking": {
"current_release_date": "2020-08-05T07:40:10Z",
"generator": {
"date": "2020-08-05T07:40:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:1147-1",
"initial_release_date": "2020-08-05T07:40:10Z",
"revision_history": [
{
"date": "2020-08-05T07:40:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"product": {
"name": "MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"product_id": "MozillaFirefox-78.1.0-lp151.2.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"product": {
"name": "MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"product_id": "MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"product": {
"name": "MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"product_id": "MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"product": {
"name": "MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"product_id": "MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"product_id": "MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64",
"product_id": "MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-78.1.0-lp151.2.61.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64"
},
"product_reference": "MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64"
},
"product_reference": "MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64"
},
"product_reference": "MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64"
},
"product_reference": "MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-15652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15652"
}
],
"notes": [
{
"category": "general",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15652",
"url": "https://www.suse.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15652",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-05T07:40:10Z",
"details": "important"
}
],
"title": "CVE-2020-15652"
},
{
"cve": "CVE-2020-15653",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15653"
}
],
"notes": [
{
"category": "general",
"text": "An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15653",
"url": "https://www.suse.com/security/cve/CVE-2020-15653"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15653",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-05T07:40:10Z",
"details": "important"
}
],
"title": "CVE-2020-15653"
},
{
"cve": "CVE-2020-15654",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15654"
}
],
"notes": [
{
"category": "general",
"text": "When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15654",
"url": "https://www.suse.com/security/cve/CVE-2020-15654"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15654",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-05T07:40:10Z",
"details": "important"
}
],
"title": "CVE-2020-15654"
},
{
"cve": "CVE-2020-15655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15655"
}
],
"notes": [
{
"category": "general",
"text": "A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15655",
"url": "https://www.suse.com/security/cve/CVE-2020-15655"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15655",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-05T07:40:10Z",
"details": "important"
}
],
"title": "CVE-2020-15655"
},
{
"cve": "CVE-2020-15656",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15656"
}
],
"notes": [
{
"category": "general",
"text": "JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15656",
"url": "https://www.suse.com/security/cve/CVE-2020-15656"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15656",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-05T07:40:10Z",
"details": "important"
}
],
"title": "CVE-2020-15656"
},
{
"cve": "CVE-2020-15657",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15657"
}
],
"notes": [
{
"category": "general",
"text": "Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15657",
"url": "https://www.suse.com/security/cve/CVE-2020-15657"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15657",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-05T07:40:10Z",
"details": "important"
}
],
"title": "CVE-2020-15657"
},
{
"cve": "CVE-2020-15658",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15658"
}
],
"notes": [
{
"category": "general",
"text": "The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR \u003c 78.1, Firefox \u003c 79, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15658",
"url": "https://www.suse.com/security/cve/CVE-2020-15658"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15658",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 2.5,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-05T07:40:10Z",
"details": "important"
}
],
"title": "CVE-2020-15658"
},
{
"cve": "CVE-2020-15659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15659"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15659",
"url": "https://www.suse.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15659",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-05T07:40:10Z",
"details": "important"
}
],
"title": "CVE-2020-15659"
},
{
"cve": "CVE-2020-6463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-6463"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-6463",
"url": "https://www.suse.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "SUSE Bug 1171975 for CVE-2020-6463",
"url": "https://bugzilla.suse.com/1171975"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-6463",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-05T07:40:10Z",
"details": "moderate"
}
],
"title": "CVE-2020-6463"
},
{
"cve": "CVE-2020-6514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-6514"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-6514",
"url": "https://www.suse.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "SUSE Bug 1174189 for CVE-2020-6514",
"url": "https://bugzilla.suse.com/1174189"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-6514",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaFirefox-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-branding-upstream-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-buildsymbols-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-devel-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-common-78.1.0-lp151.2.61.1.x86_64",
"openSUSE Leap 15.1:MozillaFirefox-translations-other-78.1.0-lp151.2.61.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-05T07:40:10Z",
"details": "important"
}
],
"title": "CVE-2020-6514"
}
]
}
opensuse-su-2020:1179-1
Vulnerability from csaf_opensuse
Published
2020-08-11 04:19
Modified
2020-08-11 04:19
Summary
Security update for MozillaThunderbird
Notes
Title of the patch
Security update for MozillaThunderbird
Description of the patch
This update for MozillaThunderbird fixes the following issues:
- Updated to Mozilla Thunderbird 68.11:
* Fixed various security issues (MFSA-2020-35, bsc#1174538).
* Fixed CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker (bsc#1174538).
* Fixed CVE-2020-6514: WebRTC data channel leaks internal address to peer (bsc#1174538).
* Fixed CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture (bsc#1174538).
* Fixed CVE-2020-15659: Memory safety bugs fixed in Thunderbird 68.11 (bsc#1174538).
* Fixed a bug with FileLink attachments included as a link and file when added from a network drive via drag & drop (bmo#793118).
This update was imported from the SUSE:SLE-15:Update update project.
Patchnames
openSUSE-2020-1179
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for MozillaThunderbird",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for MozillaThunderbird fixes the following issues:\n\n- Updated to Mozilla Thunderbird 68.11:\n * Fixed various security issues (MFSA-2020-35, bsc#1174538).\n * Fixed CVE-2020-15652: Potential leak of redirect targets when loading scripts in a worker (bsc#1174538).\n * Fixed CVE-2020-6514: WebRTC data channel leaks internal address to peer (bsc#1174538).\n * Fixed CVE-2020-6463: Use-after-free in ANGLE gl::Texture::onUnbindAsSamplerTexture (bsc#1174538).\n * Fixed CVE-2020-15659: Memory safety bugs fixed in Thunderbird 68.11 (bsc#1174538).\n * Fixed a bug with FileLink attachments included as a link and file when added from a network drive via drag \u0026 drop (bmo#793118).\n\nThis update was imported from the SUSE:SLE-15:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-1179",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_1179-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:1179-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/T7GAJX7QWS3CXVO7O3GQRKSU7ZZGE2NY/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:1179-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/T7GAJX7QWS3CXVO7O3GQRKSU7ZZGE2NY/"
},
{
"category": "self",
"summary": "SUSE Bug 1174538",
"url": "https://bugzilla.suse.com/1174538"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15652 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15652/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15659 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15659/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-6463 page",
"url": "https://www.suse.com/security/cve/CVE-2020-6463/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-6514 page",
"url": "https://www.suse.com/security/cve/CVE-2020-6514/"
}
],
"title": "Security update for MozillaThunderbird",
"tracking": {
"current_release_date": "2020-08-11T04:19:38Z",
"generator": {
"date": "2020-08-11T04:19:38Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:1179-1",
"initial_release_date": "2020-08-11T04:19:38Z",
"revision_history": [
{
"date": "2020-08-11T04:19:38Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64",
"product": {
"name": "MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64",
"product_id": "MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64",
"product_id": "MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64",
"product": {
"name": "MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64",
"product_id": "MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64"
},
"product_reference": "MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64"
},
"product_reference": "MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-15652",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15652"
}
],
"notes": [
{
"category": "general",
"text": "By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15652",
"url": "https://www.suse.com/security/cve/CVE-2020-15652"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15652",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:L/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-11T04:19:38Z",
"details": "important"
}
],
"title": "CVE-2020-15652"
},
{
"cve": "CVE-2020-15659",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15659"
}
],
"notes": [
{
"category": "general",
"text": "Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 79, Firefox ESR \u003c 68.11, Firefox ESR \u003c 78.1, Thunderbird \u003c 68.11, and Thunderbird \u003c 78.1.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15659",
"url": "https://www.suse.com/security/cve/CVE-2020-15659"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-15659",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-11T04:19:38Z",
"details": "important"
}
],
"title": "CVE-2020-15659"
},
{
"cve": "CVE-2020-6463",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-6463"
}
],
"notes": [
{
"category": "general",
"text": "Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-6463",
"url": "https://www.suse.com/security/cve/CVE-2020-6463"
},
{
"category": "external",
"summary": "SUSE Bug 1171975 for CVE-2020-6463",
"url": "https://bugzilla.suse.com/1171975"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-6463",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-11T04:19:38Z",
"details": "moderate"
}
],
"title": "CVE-2020-6463"
},
{
"cve": "CVE-2020-6514",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-6514"
}
],
"notes": [
{
"category": "general",
"text": "Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to potentially exploit heap corruption via a crafted SCTP stream.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-6514",
"url": "https://www.suse.com/security/cve/CVE-2020-6514"
},
{
"category": "external",
"summary": "SUSE Bug 1174189 for CVE-2020-6514",
"url": "https://bugzilla.suse.com/1174189"
},
{
"category": "external",
"summary": "SUSE Bug 1174538 for CVE-2020-6514",
"url": "https://bugzilla.suse.com/1174538"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:MozillaThunderbird-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-common-68.11.0-lp151.2.47.1.x86_64",
"openSUSE Leap 15.1:MozillaThunderbird-translations-other-68.11.0-lp151.2.47.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-08-11T04:19:38Z",
"details": "important"
}
],
"title": "CVE-2020-6514"
}
]
}
opensuse-su-2024:14572-1
Vulnerability from csaf_opensuse
Published
2024-12-12 00:00
Modified
2024-12-12 00:00
Summary
firefox-esr-128.5.1-1.1 on GA media
Notes
Title of the patch
firefox-esr-128.5.1-1.1 on GA media
Description of the patch
These are all security issues fixed in the firefox-esr-128.5.1-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-14572
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).