csaf_suse - suse-su-2023:0112-1

suse-su-2023:0112-1

Vulnerability from csaf_suse

Published

2023-01-20 09:20

Modified

2023-01-20 09:20

Summary

Security update for MozillaFirefox

Notes

Title of the patch

Security update for MozillaFirefox

Description of the patch

This update for MozillaFirefox fixes the following issues: - Updated to version 102.7.0 ESR (bsc#1207119): - CVE-2022-46871: Updated an out of date library (libusrsctp) which contained several vulnerabilities. - CVE-2023-23598: Fixed an arbitrary file read from GTK drag and drop on Linux. - CVE-2023-23601: Fixed a potential spoofing attack when dragging a URL from a cross-origin iframe into the same tab. - CVE-2023-23602: Fixed a mishandled security check, which caused the Content Security Policy header to be ignored for WebSockets in WebWorkers. - CVE-2022-46877: Fixed a fullscreen notification bypass which could be leveraged in spoofing attacks. - CVE-2023-23603: Fixed a Content Security Policy bypass via format directives. - CVE-2023-23605: Fixed several memory safety bugs.

Patchnames

SUSE-2023-112,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-112,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-112,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-112,SUSE-Storage-6-2023-112

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for MozillaFirefox",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for MozillaFirefox fixes the following issues:\n\n- Updated to version 102.7.0 ESR (bsc#1207119):\n  - CVE-2022-46871: Updated an out of date library (libusrsctp) which\n    contained several vulnerabilities.\n  - CVE-2023-23598: Fixed an arbitrary file read from GTK drag and\n    drop on Linux.\n  - CVE-2023-23601: Fixed a potential spoofing attack when dragging a\n    URL from a cross-origin iframe into the same tab.\n  - CVE-2023-23602: Fixed a mishandled security check, which caused\n    the Content Security Policy header to be ignored for WebSockets\n    in WebWorkers.\n  - CVE-2022-46877: Fixed a fullscreen notification bypass which\n    could be leveraged in spoofing attacks.\n  - CVE-2023-23603: Fixed a Content Security Policy bypass via format\n    directives.\n  - CVE-2023-23605: Fixed several memory safety bugs.\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2023-112,SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-112,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-112,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-112,SUSE-Storage-6-2023-112",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_0112-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2023:0112-1",
        "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20230112-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2023:0112-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-January/013488.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1207119",
        "url": "https://bugzilla.suse.com/1207119"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-46871 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-46871/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2022-46877 page",
        "url": "https://www.suse.com/security/cve/CVE-2022-46877/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-23598 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-23598/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-23601 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-23601/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-23602 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-23602/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-23603 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-23603/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-23605 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-23605/"
      }
    ],
    "title": "Security update for MozillaFirefox",
    "tracking": {
      "current_release_date": "2023-01-20T09:20:22Z",
      "generator": {
        "date": "2023-01-20T09:20:22Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2023:0112-1",
      "initial_release_date": "2023-01-20T09:20:22Z",
      "revision_history": [
        {
          "date": "2023-01-20T09:20:22Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
                "product": {
                  "name": "MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
                  "product_id": "MozillaFirefox-102.7.0-150000.150.71.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-branding-upstream-102.7.0-150000.150.71.1.aarch64",
                "product": {
                  "name": "MozillaFirefox-branding-upstream-102.7.0-150000.150.71.1.aarch64",
                  "product_id": "MozillaFirefox-branding-upstream-102.7.0-150000.150.71.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
                "product": {
                  "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
                  "product_id": "MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
                "product": {
                  "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
                  "product_id": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
                "product": {
                  "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
                  "product_id": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-102.7.0-150000.150.71.1.i686",
                "product": {
                  "name": "MozillaFirefox-102.7.0-150000.150.71.1.i686",
                  "product_id": "MozillaFirefox-102.7.0-150000.150.71.1.i686"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-branding-upstream-102.7.0-150000.150.71.1.i686",
                "product": {
                  "name": "MozillaFirefox-branding-upstream-102.7.0-150000.150.71.1.i686",
                  "product_id": "MozillaFirefox-branding-upstream-102.7.0-150000.150.71.1.i686"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.i686",
                "product": {
                  "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.i686",
                  "product_id": "MozillaFirefox-devel-102.7.0-150000.150.71.1.i686"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.i686",
                "product": {
                  "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.i686",
                  "product_id": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.i686"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.i686",
                "product": {
                  "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.i686",
                  "product_id": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.i686"
                }
              }
            ],
            "category": "architecture",
            "name": "i686"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
                "product": {
                  "name": "MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
                  "product_id": "MozillaFirefox-102.7.0-150000.150.71.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-branding-upstream-102.7.0-150000.150.71.1.ppc64le",
                "product": {
                  "name": "MozillaFirefox-branding-upstream-102.7.0-150000.150.71.1.ppc64le",
                  "product_id": "MozillaFirefox-branding-upstream-102.7.0-150000.150.71.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
                "product": {
                  "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
                  "product_id": "MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
                "product": {
                  "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
                  "product_id": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
                "product": {
                  "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
                  "product_id": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-102.7.0-150000.150.71.1.s390x",
                "product": {
                  "name": "MozillaFirefox-102.7.0-150000.150.71.1.s390x",
                  "product_id": "MozillaFirefox-102.7.0-150000.150.71.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-branding-upstream-102.7.0-150000.150.71.1.s390x",
                "product": {
                  "name": "MozillaFirefox-branding-upstream-102.7.0-150000.150.71.1.s390x",
                  "product_id": "MozillaFirefox-branding-upstream-102.7.0-150000.150.71.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
                "product": {
                  "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
                  "product_id": "MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
                "product": {
                  "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
                  "product_id": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
                "product": {
                  "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
                  "product_id": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
                  "product_id": "MozillaFirefox-102.7.0-150000.150.71.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-branding-upstream-102.7.0-150000.150.71.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-branding-upstream-102.7.0-150000.150.71.1.x86_64",
                  "product_id": "MozillaFirefox-branding-upstream-102.7.0-150000.150.71.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
                  "product_id": "MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
                  "product_id": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
                "product": {
                  "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
                  "product_id": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp1"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Enterprise Storage 6",
                "product": {
                  "name": "SUSE Enterprise Storage 6",
                  "product_id": "SUSE Enterprise Storage 6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:ses:6"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-102.7.0-150000.150.71.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64"
        },
        "product_reference": "MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-102.7.0-150000.150.71.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64"
        },
        "product_reference": "MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64"
        },
        "product_reference": "MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64"
        },
        "product_reference": "MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64"
        },
        "product_reference": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64"
        },
        "product_reference": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-102.7.0-150000.150.71.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64"
        },
        "product_reference": "MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-102.7.0-150000.150.71.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-102.7.0-150000.150.71.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x"
        },
        "product_reference": "MozillaFirefox-102.7.0-150000.150.71.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-102.7.0-150000.150.71.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64"
        },
        "product_reference": "MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64"
        },
        "product_reference": "MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x"
        },
        "product_reference": "MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64"
        },
        "product_reference": "MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64"
        },
        "product_reference": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x"
        },
        "product_reference": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64"
        },
        "product_reference": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x"
        },
        "product_reference": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-102.7.0-150000.150.71.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-102.7.0-150000.150.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64"
        },
        "product_reference": "MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64"
        },
        "product_reference": "MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le"
        },
        "product_reference": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-102.7.0-150000.150.71.1.aarch64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64"
        },
        "product_reference": "MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-102.7.0-150000.150.71.1.x86_64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64"
        },
        "product_reference": "MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64"
        },
        "product_reference": "MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64"
        },
        "product_reference": "MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64"
        },
        "product_reference": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64"
        },
        "product_reference": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64 as component of SUSE Enterprise Storage 6",
          "product_id": "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
        },
        "product_reference": "MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 6"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2022-46871",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-46871"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox \u003c 108.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-46871",
          "url": "https://www.suse.com/security/cve/CVE-2022-46871"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206242 for CVE-2022-46871",
          "url": "https://bugzilla.suse.com/1206242"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-01-20T09:20:22Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-46871"
    },
    {
      "cve": "CVE-2022-46877",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2022-46877"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox \u003c 108.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2022-46877",
          "url": "https://www.suse.com/security/cve/CVE-2022-46877"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1206242 for CVE-2022-46877",
          "url": "https://bugzilla.suse.com/1206242"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-01-20T09:20:22Z",
          "details": "important"
        }
      ],
      "title": "CVE-2022-46877"
    },
    {
      "cve": "CVE-2023-23598",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-23598"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Due to the Firefox GTK wrapper code\u0027s use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to \u003ccode\u003eDataTransfer.setData\u003c/code\u003e. This vulnerability affects Firefox \u003c 109, Thunderbird \u003c 102.7, and Firefox ESR \u003c 102.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-23598",
          "url": "https://www.suse.com/security/cve/CVE-2023-23598"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1207119 for CVE-2023-23598",
          "url": "https://bugzilla.suse.com/1207119"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-01-20T09:20:22Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-23598"
    },
    {
      "cve": "CVE-2023-23601",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-23601"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks. This vulnerability affects Firefox \u003c 109, Thunderbird \u003c 102.7, and Firefox ESR \u003c 102.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-23601",
          "url": "https://www.suse.com/security/cve/CVE-2023-23601"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1207119 for CVE-2023-23601",
          "url": "https://bugzilla.suse.com/1207119"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-01-20T09:20:22Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-23601"
    },
    {
      "cve": "CVE-2023-23602",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-23602"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. This vulnerability affects Firefox \u003c 109, Thunderbird \u003c 102.7, and Firefox ESR \u003c 102.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-23602",
          "url": "https://www.suse.com/security/cve/CVE-2023-23602"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1207119 for CVE-2023-23602",
          "url": "https://bugzilla.suse.com/1207119"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-01-20T09:20:22Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-23602"
    },
    {
      "cve": "CVE-2023-23603",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-23603"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Regular expressions used to filter out forbidden properties and values from style directives in calls to \u003ccode\u003econsole.log\u003c/code\u003e weren\u0027t accounting for external URLs. Data could then be potentially exfiltrated from the browser. This vulnerability affects Firefox \u003c 109, Thunderbird \u003c 102.7, and Firefox ESR \u003c 102.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-23603",
          "url": "https://www.suse.com/security/cve/CVE-2023-23603"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1207119 for CVE-2023-23603",
          "url": "https://bugzilla.suse.com/1207119"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-01-20T09:20:22Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-23603"
    },
    {
      "cve": "CVE-2023-23605",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-23605"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 109, Thunderbird \u003c 102.7, and Firefox ESR \u003c 102.7.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
          "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-23605",
          "url": "https://www.suse.com/security/cve/CVE-2023-23605"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1207119 for CVE-2023-23605",
          "url": "https://bugzilla.suse.com/1207119"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Enterprise Storage 6:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.s390x",
            "SUSE Linux Enterprise Server 15 SP1-LTSS:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-devel-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-common-102.7.0-150000.150.71.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP1:MozillaFirefox-translations-other-102.7.0-150000.150.71.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-01-20T09:20:22Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-23605"
    }
  ]
}

CVE-2023-23598 (GCVE-0-2023-23598)

Vulnerability from cvelistv5

Published

2023-06-02 00:00

Modified

2025-01-09 16:22

Severity ?

CWE

Arbitrary file read from GTK drag and drop on Linux

Summary

Due to the Firefox GTK wrapper code's use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to <code>DataTransfer.setData</code>. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.

References

►

URL

Tags

	https://www.mozilla.org/security/advisories/mfsa2023-02/
	https://www.mozilla.org/security/advisories/mfsa2023-01/
	https://www.mozilla.org/security/advisories/mfsa2023-03/
	https://bugzilla.mozilla.org/show_bug.cgi?id=1800425

Impacted products

Vendor

Product

Version

►

Mozilla

Firefox

Version: unspecified < 109

	Mozilla	Thunderbird	Version: unspecified < 102.7
	Mozilla	Firefox ESR	Version: unspecified < 102.7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:35:33.595Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-02/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-01/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-03/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1800425"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-23598",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-09T16:22:19.388970Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-09T16:22:35.356Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Firefox",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "109",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "102.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Firefox ESR",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "102.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Due to the Firefox GTK wrapper code\u0027s use of text/plain for drag data and GTK treating all text/plain MIMEs containing file URLs as being dragged a website could arbitrarily read a file via a call to \u003ccode\u003eDataTransfer.setData\u003c/code\u003e. This vulnerability affects Firefox \u003c 109, Thunderbird \u003c 102.7, and Firefox ESR \u003c 102.7."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Arbitrary file read from GTK drag and drop on Linux",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-02T00:00:00",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-02/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-01/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-03/"
        },
        {
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1800425"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2023-23598",
    "datePublished": "2023-06-02T00:00:00",
    "dateReserved": "2023-01-16T00:00:00",
    "dateUpdated": "2025-01-09T16:22:35.356Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-23605 (GCVE-0-2023-23605)

Vulnerability from cvelistv5

Published

2023-06-02 00:00

Modified

2025-01-10 18:00

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7

Summary

Memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.

References

►

URL

Tags

	https://www.mozilla.org/security/advisories/mfsa2023-02/
	https://www.mozilla.org/security/advisories/mfsa2023-01/
	https://www.mozilla.org/security/advisories/mfsa2023-03/
	https://bugzilla.mozilla.org/buglist.cgi?bug_id=1764921%2C1802690%2C1806974

Impacted products

Vendor

Product

Version

►

Mozilla

Firefox

Version: unspecified < 109

	Mozilla	Thunderbird	Version: unspecified < 102.7
	Mozilla	Firefox ESR	Version: unspecified < 102.7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:35:33.330Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-02/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-01/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-03/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1764921%2C1802690%2C1806974"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-23605",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-10T18:00:40.771530Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-10T18:00:46.236Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Firefox",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "109",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "102.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Firefox ESR",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "102.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Memory safety bugs present in Firefox 108 and Firefox ESR 102.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 109, Thunderbird \u003c 102.7, and Firefox ESR \u003c 102.7."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Memory safety bugs fixed in Firefox 109 and Firefox ESR 102.7",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-02T00:00:00",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-02/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-01/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-03/"
        },
        {
          "url": "https://bugzilla.mozilla.org/buglist.cgi?bug_id=1764921%2C1802690%2C1806974"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2023-23605",
    "datePublished": "2023-06-02T00:00:00",
    "dateReserved": "2023-01-16T00:00:00",
    "dateUpdated": "2025-01-10T18:00:46.236Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-23602 (GCVE-0-2023-23602)

Vulnerability from cvelistv5

Published

2023-06-02 00:00

Modified

2025-01-10 18:16

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CWE

Content Security Policy wasn't being correctly applied to WebSockets in WebWorkers

Summary

A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.

References

►

URL

Tags

	https://www.mozilla.org/security/advisories/mfsa2023-02/
	https://www.mozilla.org/security/advisories/mfsa2023-01/
	https://www.mozilla.org/security/advisories/mfsa2023-03/
	https://bugzilla.mozilla.org/show_bug.cgi?id=1800890

Impacted products

Vendor

Product

Version

►

Mozilla

Firefox

Version: unspecified < 109

	Mozilla	Thunderbird	Version: unspecified < 102.7
	Mozilla	Firefox ESR	Version: unspecified < 102.7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:35:33.382Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-02/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-01/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-03/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1800890"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-23602",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-10T18:16:34.899929Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-754",
                "description": "CWE-754 Improper Check for Unusual or Exceptional Conditions",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-10T18:16:39.131Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1800890"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Firefox",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "109",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "102.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Firefox ESR",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "102.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. This vulnerability affects Firefox \u003c 109, Thunderbird \u003c 102.7, and Firefox ESR \u003c 102.7."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Content Security Policy wasn\u0027t being correctly applied to WebSockets in WebWorkers",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-02T00:00:00",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-02/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-01/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-03/"
        },
        {
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1800890"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2023-23602",
    "datePublished": "2023-06-02T00:00:00",
    "dateReserved": "2023-01-16T00:00:00",
    "dateUpdated": "2025-01-10T18:16:39.131Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-23601 (GCVE-0-2023-23601)

Vulnerability from cvelistv5

Published

2023-06-02 00:00

Modified

2025-01-09 16:18

Severity ?

CWE

URL being dragged from cross-origin iframe into same tab triggers navigation

Summary

Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.

References

►

URL

Tags

	https://www.mozilla.org/security/advisories/mfsa2023-02/
	https://www.mozilla.org/security/advisories/mfsa2023-01/
	https://www.mozilla.org/security/advisories/mfsa2023-03/
	https://bugzilla.mozilla.org/show_bug.cgi?id=1794268

Impacted products

Vendor

Product

Version

►

Mozilla

Firefox

Version: unspecified < 109

	Mozilla	Thunderbird	Version: unspecified < 102.7
	Mozilla	Firefox ESR	Version: unspecified < 102.7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:35:33.288Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-02/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-01/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-03/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794268"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-23601",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-09T16:17:52.430940Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-09T16:18:26.500Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Firefox",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "109",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "102.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Firefox ESR",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "102.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Navigations were being allowed when dragging a URL from a cross-origin iframe into the same tab which could lead to website spoofing attacks. This vulnerability affects Firefox \u003c 109, Thunderbird \u003c 102.7, and Firefox ESR \u003c 102.7."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "URL being dragged from cross-origin iframe into same tab triggers navigation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-02T00:00:00",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-02/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-01/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-03/"
        },
        {
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1794268"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2023-23601",
    "datePublished": "2023-06-02T00:00:00",
    "dateReserved": "2023-01-16T00:00:00",
    "dateUpdated": "2025-01-09T16:18:26.500Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-23603 (GCVE-0-2023-23603)

Vulnerability from cvelistv5

Published

2023-06-02 00:00

Modified

2025-01-10 18:09

Severity ?

6.5 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE

Calls to console.log allowed bypasing Content Security Policy via format directive

Summary

Regular expressions used to filter out forbidden properties and values from style directives in calls to <code>console.log</code> weren't accounting for external URLs. Data could then be potentially exfiltrated from the browser. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.

References

►

URL

Tags

	https://www.mozilla.org/security/advisories/mfsa2023-02/
	https://www.mozilla.org/security/advisories/mfsa2023-01/
	https://www.mozilla.org/security/advisories/mfsa2023-03/
	https://bugzilla.mozilla.org/show_bug.cgi?id=1800832

Impacted products

Vendor

Product

Version

►

Mozilla

Firefox

Version: unspecified < 109

	Mozilla	Thunderbird	Version: unspecified < 102.7
	Mozilla	Firefox ESR	Version: unspecified < 102.7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T10:35:33.580Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-02/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-01/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2023-03/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1800832"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-23603",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-10T18:09:19.338679Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-770",
                "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-10T18:09:25.352Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Firefox",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "109",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Thunderbird",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "102.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        },
        {
          "product": "Firefox ESR",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "102.7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Regular expressions used to filter out forbidden properties and values from style directives in calls to \u003ccode\u003econsole.log\u003c/code\u003e weren\u0027t accounting for external URLs. Data could then be potentially exfiltrated from the browser. This vulnerability affects Firefox \u003c 109, Thunderbird \u003c 102.7, and Firefox ESR \u003c 102.7."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Calls to console.log allowed bypasing Content Security Policy via format directive",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-06-02T00:00:00",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-02/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-01/"
        },
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2023-03/"
        },
        {
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1800832"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2023-23603",
    "datePublished": "2023-06-02T00:00:00",
    "dateReserved": "2023-01-16T00:00:00",
    "dateUpdated": "2025-01-10T18:09:25.352Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-46877 (GCVE-0-2022-46877)

Vulnerability from cvelistv5

Published

2022-12-22 00:00

Modified

2025-04-15 13:55

Severity ?

4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

CWE

Fullscreen notification bypass

Summary

By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox < 108.

References

►

URL

Tags

	https://www.mozilla.org/security/advisories/mfsa2022-51/
	https://bugzilla.mozilla.org/show_bug.cgi?id=1795139
	https://www.debian.org/security/2023/dsa-5322	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/01/msg00015.html	mailing-list
	https://www.debian.org/security/2023/dsa-5355	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/02/msg00018.html	mailing-list
	https://security.gentoo.org/glsa/202305-06	vendor-advisory
	https://security.gentoo.org/glsa/202305-13	vendor-advisory

Impacted products

	Vendor	Product	Version
	Mozilla	Firefox	Version: unspecified < 108

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T14:39:38.789Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2022-51/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1795139"
          },
          {
            "name": "DSA-5322",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5322"
          },
          {
            "name": "[debian-lts-announce] 20230119 [SECURITY] [DLA 3275-1] firefox-esr security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00015.html"
          },
          {
            "name": "DSA-5355",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5355"
          },
          {
            "name": "[debian-lts-announce] 20230220 [SECURITY] [DLA 3324-1] thunderbird security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00018.html"
          },
          {
            "name": "GLSA-202305-06",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202305-06"
          },
          {
            "name": "GLSA-202305-13",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202305-13"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 4.3,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "LOW",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-46877",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-15T13:52:17.633595Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-79",
                "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-15T13:55:01.660Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Firefox",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "108",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "By confusing the browser, the fullscreen notification could have been delayed or suppressed, resulting in potential user confusion or spoofing attacks. This vulnerability affects Firefox \u003c 108."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Fullscreen notification bypass",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-03T10:06:35.394Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2022-51/"
        },
        {
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1795139"
        },
        {
          "name": "DSA-5322",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5322"
        },
        {
          "name": "[debian-lts-announce] 20230119 [SECURITY] [DLA 3275-1] firefox-esr security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00015.html"
        },
        {
          "name": "DSA-5355",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5355"
        },
        {
          "name": "[debian-lts-announce] 20230220 [SECURITY] [DLA 3324-1] thunderbird security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00018.html"
        },
        {
          "name": "GLSA-202305-06",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202305-06"
        },
        {
          "name": "GLSA-202305-13",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202305-13"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2022-46877",
    "datePublished": "2022-12-22T00:00:00.000Z",
    "dateReserved": "2022-12-09T00:00:00.000Z",
    "dateUpdated": "2025-04-15T13:55:01.660Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-46871 (GCVE-0-2022-46871)

Vulnerability from cvelistv5

Published

2022-12-22 00:00

Modified

2025-04-15 14:10

Severity ?

8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE

libusrsctp library out of date

Summary

An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox < 108.

References

►

URL

Tags

	https://www.mozilla.org/security/advisories/mfsa2022-51/
	https://bugzilla.mozilla.org/show_bug.cgi?id=1795697
	https://www.debian.org/security/2023/dsa-5322	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/01/msg00015.html	mailing-list
	https://www.debian.org/security/2023/dsa-5355	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023/02/msg00018.html	mailing-list
	https://security.gentoo.org/glsa/202305-06	vendor-advisory
	https://security.gentoo.org/glsa/202305-13	vendor-advisory

Impacted products

	Vendor	Product	Version
	Mozilla	Firefox	Version: unspecified < 108

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T14:39:38.557Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.mozilla.org/security/advisories/mfsa2022-51/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1795697"
          },
          {
            "name": "DSA-5322",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5322"
          },
          {
            "name": "[debian-lts-announce] 20230119 [SECURITY] [DLA 3275-1] firefox-esr security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00015.html"
          },
          {
            "name": "DSA-5355",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5355"
          },
          {
            "name": "[debian-lts-announce] 20230220 [SECURITY] [DLA 3324-1] thunderbird security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00018.html"
          },
          {
            "name": "GLSA-202305-06",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202305-06"
          },
          {
            "name": "GLSA-202305-13",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202305-13"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 8.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "REQUIRED",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-46871",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-15T14:09:08.591078Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-1104",
                "description": "CWE-1104 Use of Unmaintained Third Party Components",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-15T14:10:56.287Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Firefox",
          "vendor": "Mozilla",
          "versions": [
            {
              "lessThan": "108",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An out of date library (libusrsctp) contained vulnerabilities that could potentially be exploited. This vulnerability affects Firefox \u003c 108."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "libusrsctp library out of date",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-03T10:06:44.088Z",
        "orgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
        "shortName": "mozilla"
      },
      "references": [
        {
          "url": "https://www.mozilla.org/security/advisories/mfsa2022-51/"
        },
        {
          "url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1795697"
        },
        {
          "name": "DSA-5322",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5322"
        },
        {
          "name": "[debian-lts-announce] 20230119 [SECURITY] [DLA 3275-1] firefox-esr security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00015.html"
        },
        {
          "name": "DSA-5355",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5355"
        },
        {
          "name": "[debian-lts-announce] 20230220 [SECURITY] [DLA 3324-1] thunderbird security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/02/msg00018.html"
        },
        {
          "name": "GLSA-202305-06",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202305-06"
        },
        {
          "name": "GLSA-202305-13",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202305-13"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f16b083a-5664-49f3-a51e-8d479e5ed7fe",
    "assignerShortName": "mozilla",
    "cveId": "CVE-2022-46871",
    "datePublished": "2022-12-22T00:00:00.000Z",
    "dateReserved": "2022-12-09T00:00:00.000Z",
    "dateUpdated": "2025-04-15T14:10:56.287Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2023:0112-1

Vulnerability from csaf_suse

CVE-2023-23598 (GCVE-0-2023-23598)

Vulnerability from cvelistv5

CVE-2023-23605 (GCVE-0-2023-23605)

Vulnerability from cvelistv5

CVE-2023-23602 (GCVE-0-2023-23602)

Vulnerability from cvelistv5

CVE-2023-23601 (GCVE-0-2023-23601)

Vulnerability from cvelistv5

CVE-2023-23603 (GCVE-0-2023-23603)

Vulnerability from cvelistv5

CVE-2022-46877 (GCVE-0-2022-46877)

Vulnerability from cvelistv5

CVE-2022-46871 (GCVE-0-2022-46871)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature