suse-su-2023:1736-1
Vulnerability from csaf_suse
Published
2023-04-03 11:12
Modified
2023-04-03 11:12
Summary
Security update for MozillaThunderbird
Notes
Title of the patch
Security update for MozillaThunderbird
Description of the patch
This update for MozillaThunderbird fixes the following issues:
MFSA 2023-12 (bsc#1209953):
- CVE-2023-28427: Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack (bmo#1822595)
MFSA 2023-11 (bsc#1209173):
- CVE-2023-25751: Incorrect code generation during JIT compilation (bmo#1814899).
- CVE-2023-28164: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (bmo#1809122).
- CVE-2023-28162: Invalid downcast in Worklets (bmo#1811327).
- CVE-2023-25752: Potential out-of-bounds when accessing throttled streams (bmo#1811627).
- CVE-2023-28163: Windows Save As dialog resolved environment variables (bmo#1817768)
- CVE-2023-28176: Memory safety bugs fixed in Thunderbird 102.9 (bmo#1808352, bmo#1811637, bmo#1815904, bmo#1817442, bmo#1818674).
Mozilla Thunderbird 102.9:
- fixed: Notification about a sender's changed OpenPGP key was not immediately visible (bmo#1814003)
- fixed: TLS Certificate Override dialog did not appear when retrieving messages via IMAP using 'Get Messages' context menu (bmo#1816596)
- fixed: Spellcheck dictionaries were missing from localized Thunderbird builds that should have included them (bmo#1818257)
- fixed: Tooltips for 'Show/Hide' calendar toggle did not display (bmo#1809557)
- fixed: Various security fixes
Mozilla Thunderbird 102.9.1:
- fixed: Thunderbird was unable to open file URLs from command line (URLs beginning with 'file://') (bmo#1816343)
- fixed: Source strings for localized builds not uploaded to FTP as expected (bmo#1817086)
- fixed: Visual and theme improvements (bmo#1821358, bmo#1822286)
- fixed: Security fixes
Patchnames
SUSE-2023-1736,SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-1736,SUSE-SLE-Product-WE-15-SP4-2023-1736,openSUSE-SLE-15.4-2023-1736
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for MozillaThunderbird",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for MozillaThunderbird fixes the following issues:\n\nMFSA 2023-12 (bsc#1209953):\n\n- CVE-2023-28427: Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack (bmo#1822595)\n\nMFSA 2023-11 (bsc#1209173):\n\n- CVE-2023-25751: Incorrect code generation during JIT compilation (bmo#1814899).\n- CVE-2023-28164: URL being dragged from a removed cross-origin iframe into the same tab triggered navigation (bmo#1809122).\n- CVE-2023-28162: Invalid downcast in Worklets (bmo#1811327).\n- CVE-2023-25752: Potential out-of-bounds when accessing throttled streams (bmo#1811627).\n- CVE-2023-28163: Windows Save As dialog resolved environment variables (bmo#1817768)\n- CVE-2023-28176: Memory safety bugs fixed in Thunderbird 102.9 (bmo#1808352, bmo#1811637, bmo#1815904, bmo#1817442, bmo#1818674).\n \nMozilla Thunderbird 102.9:\n \n- fixed: Notification about a sender\u0027s changed OpenPGP key was not immediately visible (bmo#1814003)\n- fixed: TLS Certificate Override dialog did not appear when retrieving messages via IMAP using \u0027Get Messages\u0027 context menu (bmo#1816596)\n- fixed: Spellcheck dictionaries were missing from localized Thunderbird builds that should have included them (bmo#1818257)\n- fixed: Tooltips for \u0027Show/Hide\u0027 calendar toggle did not display (bmo#1809557)\n- fixed: Various security fixes \n \nMozilla Thunderbird 102.9.1:\n\n- fixed: Thunderbird was unable to open file URLs from command line (URLs beginning with \u0027file://\u0027) (bmo#1816343)\n- fixed: Source strings for localized builds not uploaded to FTP as expected (bmo#1817086)\n- fixed: Visual and theme improvements (bmo#1821358, bmo#1822286)\n- fixed: Security fixes\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-1736,SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-1736,SUSE-SLE-Product-WE-15-SP4-2023-1736,openSUSE-SLE-15.4-2023-1736",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_1736-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:1736-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20231736-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:1736-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-April/014339.html"
},
{
"category": "self",
"summary": "SUSE Bug 1209173",
"url": "https://bugzilla.suse.com/1209173"
},
{
"category": "self",
"summary": "SUSE Bug 1209953",
"url": "https://bugzilla.suse.com/1209953"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-25751 page",
"url": "https://www.suse.com/security/cve/CVE-2023-25751/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-25752 page",
"url": "https://www.suse.com/security/cve/CVE-2023-25752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28162 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28162/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28163 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28163/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28164 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28164/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28176 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-28427 page",
"url": "https://www.suse.com/security/cve/CVE-2023-28427/"
}
],
"title": "Security update for MozillaThunderbird",
"tracking": {
"current_release_date": "2023-04-03T11:12:58Z",
"generator": {
"date": "2023-04-03T11:12:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:1736-1",
"initial_release_date": "2023-04-03T11:12:58Z",
"revision_history": [
{
"date": "2023-04-03T11:12:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"product": {
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"product_id": "MozillaThunderbird-102.9.1-150200.8.110.2.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"product": {
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"product_id": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"product": {
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"product_id": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.i686",
"product": {
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.i686",
"product_id": "MozillaThunderbird-102.9.1-150200.8.110.2.i686"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.i686",
"product": {
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.i686",
"product_id": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.i686"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.i686",
"product": {
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.i686",
"product_id": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.i686"
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"product": {
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"product_id": "MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"product": {
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"product_id": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"product": {
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"product_id": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"product": {
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"product_id": "MozillaThunderbird-102.9.1-150200.8.110.2.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"product": {
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"product_id": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"product": {
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"product_id": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"product": {
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"product_id": "MozillaThunderbird-102.9.1-150200.8.110.2.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"product": {
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"product_id": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"product": {
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"product_id": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Workstation Extension 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension 15 SP4",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-we:15:sp4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64"
},
"product_reference": "MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le"
},
"product_reference": "MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x"
},
"product_reference": "MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64"
},
"product_reference": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x"
},
"product_reference": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64 as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64"
},
"product_reference": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x"
},
"product_reference": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP4",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64"
},
"product_reference": "MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP4",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64"
},
"product_reference": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP4",
"product_id": "SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
},
"product_reference": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64"
},
"product_reference": "MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le"
},
"product_reference": "MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x"
},
"product_reference": "MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-102.9.1-150200.8.110.2.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64"
},
"product_reference": "MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64"
},
"product_reference": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x"
},
"product_reference": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64"
},
"product_reference": "MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64"
},
"product_reference": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le"
},
"product_reference": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x"
},
"product_reference": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
},
"product_reference": "MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-25751",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-25751"
}
],
"notes": [
{
"category": "general",
"text": "Sometimes, when invalidating JIT code while following an iterator, the newly generated code could be overwritten incorrectly. This could lead to a potentially exploitable crash. This vulnerability affects Firefox \u003c 111, Firefox ESR \u003c 102.9, and Thunderbird \u003c 102.9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-25751",
"url": "https://www.suse.com/security/cve/CVE-2023-25751"
},
{
"category": "external",
"summary": "SUSE Bug 1209173 for CVE-2023-25751",
"url": "https://bugzilla.suse.com/1209173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-03T11:12:58Z",
"details": "important"
}
],
"title": "CVE-2023-25751"
},
{
"cve": "CVE-2023-25752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-25752"
}
],
"notes": [
{
"category": "general",
"text": "When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable. This vulnerability affects Firefox \u003c 111, Firefox ESR \u003c 102.9, and Thunderbird \u003c 102.9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-25752",
"url": "https://www.suse.com/security/cve/CVE-2023-25752"
},
{
"category": "external",
"summary": "SUSE Bug 1209173 for CVE-2023-25752",
"url": "https://bugzilla.suse.com/1209173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-03T11:12:58Z",
"details": "important"
}
],
"title": "CVE-2023-25752"
},
{
"cve": "CVE-2023-28162",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28162"
}
],
"notes": [
{
"category": "general",
"text": "While implementing AudioWorklets, some code may have casted one type to another, invalid, dynamic type. This could have led to a potentially exploitable crash. This vulnerability affects Firefox \u003c 111, Firefox ESR \u003c 102.9, and Thunderbird \u003c 102.9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28162",
"url": "https://www.suse.com/security/cve/CVE-2023-28162"
},
{
"category": "external",
"summary": "SUSE Bug 1209173 for CVE-2023-28162",
"url": "https://bugzilla.suse.com/1209173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-03T11:12:58Z",
"details": "important"
}
],
"title": "CVE-2023-28162"
},
{
"cve": "CVE-2023-28163",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28163"
}
],
"notes": [
{
"category": "general",
"text": "When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. \u003cbr\u003e*This bug only affects Firefox on Windows. Other versions of Firefox are unaffected.*. This vulnerability affects Firefox \u003c 111, Firefox ESR \u003c 102.9, and Thunderbird \u003c 102.9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28163",
"url": "https://www.suse.com/security/cve/CVE-2023-28163"
},
{
"category": "external",
"summary": "SUSE Bug 1209173 for CVE-2023-28163",
"url": "https://bugzilla.suse.com/1209173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-03T11:12:58Z",
"details": "important"
}
],
"title": "CVE-2023-28163"
},
{
"cve": "CVE-2023-28164",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28164"
}
],
"notes": [
{
"category": "general",
"text": "Dragging a URL from a cross-origin iframe that was removed during the drag could have led to user confusion and website spoofing attacks. This vulnerability affects Firefox \u003c 111, Firefox ESR \u003c 102.9, and Thunderbird \u003c 102.9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28164",
"url": "https://www.suse.com/security/cve/CVE-2023-28164"
},
{
"category": "external",
"summary": "SUSE Bug 1209173 for CVE-2023-28164",
"url": "https://bugzilla.suse.com/1209173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-03T11:12:58Z",
"details": "important"
}
],
"title": "CVE-2023-28164"
},
{
"cve": "CVE-2023-28176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28176"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs present in Firefox 110 and Firefox ESR 102.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 111, Firefox ESR \u003c 102.9, and Thunderbird \u003c 102.9.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28176",
"url": "https://www.suse.com/security/cve/CVE-2023-28176"
},
{
"category": "external",
"summary": "SUSE Bug 1209173 for CVE-2023-28176",
"url": "https://bugzilla.suse.com/1209173"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-03T11:12:58Z",
"details": "important"
}
],
"title": "CVE-2023-28176"
},
{
"cve": "CVE-2023-28427",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-28427"
}
],
"notes": [
{
"category": "general",
"text": "matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer\u0027s ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This vulnerability is distinct from GHSA-rfv9-x7hh-xc32 which covers a similar issue. The issue has been patched in matrix-js-sdk 24.0.0 and users are advised to upgrade. There are no known workarounds for this vulnerability.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-28427",
"url": "https://www.suse.com/security/cve/CVE-2023-28427"
},
{
"category": "external",
"summary": "SUSE Bug 1209953 for CVE-2023-28427",
"url": "https://bugzilla.suse.com/1209953"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"SUSE Linux Enterprise Workstation Extension 15 SP4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-common-102.9.1-150200.8.110.2.x86_64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.aarch64",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.ppc64le",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.s390x",
"openSUSE Leap 15.4:MozillaThunderbird-translations-other-102.9.1-150200.8.110.2.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-04-03T11:12:58Z",
"details": "important"
}
],
"title": "CVE-2023-28427"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…