suse-su-2023:4912-1
Vulnerability from csaf_suse
Published
2023-12-19 15:48
Modified
2023-12-19 15:48
Summary
Security update for MozillaFirefox
Notes
Title of the patch
Security update for MozillaFirefox
Description of the patch
This update for MozillaFirefox fixes the following issues:
- Firefox Extended Support Release 115.6.0 ESR changelog-entry (bsc#1217974)
* CVE-2023-6856: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver (bmo#1843782).
* CVE-2023-6857: Symlinks may resolve to smaller than expected buffers (bmo#1796023).
* CVE-2023-6858: Heap buffer overflow in nsTextFragment (bmo#1826791).
* CVE-2023-6859: Use-after-free in PR_GetIdentitiesLayer (bmo#1840144).
* CVE-2023-6860: Potential sandbox escape due to VideoBridge lack of texture validation (bmo#1854669).
* CVE-2023-6861: Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode (bmo#1864118).
* CVE-2023-6862: Use-after-free in nsDNSService (bsc#1868042).
* CVE-2023-6863: Undefined behavior in ShutdownObserver() (bmo#1868901).
* CVE-2023-6864: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6.
* CVE-2023-6865: Potential exposure of uninitialized data in EncryptingOutputStream (bmo#1864123).
* CVE-2023-6867: Clickjacking permission prompts using the popup transition (bmo#1863863).
- Fixed: Various security fixes and other quality improvements MFSA 2023-50 (bsc#1217230)
* CVE-2023-6204 (bmo#1841050)
Out-of-bound memory access in WebGL2 blitFramebuffer
* CVE-2023-6205 (bmo#1854076)
Use-after-free in MessagePort::Entangled
* CVE-2023-6206 (bmo#1857430)
Clickjacking permission prompts using the fullscreen
transition
* CVE-2023-6207 (bmo#1861344)
Use-after-free in ReadableByteStreamQueueEntry::Buffer
* CVE-2023-6208 (bmo#1855345)
Using Selection API would copy contents into X11 primary
selection.
* CVE-2023-6209 (bmo#1858570)
Incorrect parsing of relative URLs starting with '///'
* CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252,
bmo#1856072, bmo#1856091, bmo#1859030, bmo#1860943,
bmo#1862782)
Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,
and Thunderbird 115.5
Patchnames
SUSE-2023-4912,SUSE-SLE-SDK-12-SP5-2023-4912,SUSE-SLE-SERVER-12-SP5-2023-4912
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for MozillaFirefox",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for MozillaFirefox fixes the following issues:\n\n- Firefox Extended Support Release 115.6.0 ESR changelog-entry (bsc#1217974)\n * CVE-2023-6856: Heap-buffer-overflow affecting WebGL DrawElementsInstanced method with Mesa VM driver (bmo#1843782).\n * CVE-2023-6857: Symlinks may resolve to smaller than expected buffers (bmo#1796023).\n * CVE-2023-6858: Heap buffer overflow in nsTextFragment (bmo#1826791).\n * CVE-2023-6859: Use-after-free in PR_GetIdentitiesLayer (bmo#1840144).\n * CVE-2023-6860: Potential sandbox escape due to VideoBridge lack of texture validation (bmo#1854669).\n * CVE-2023-6861: Heap buffer overflow affected nsWindow::PickerOpen(void) in headless mode (bmo#1864118).\n * CVE-2023-6862: Use-after-free in nsDNSService (bsc#1868042).\n * CVE-2023-6863: Undefined behavior in ShutdownObserver() (bmo#1868901).\n * CVE-2023-6864: Memory safety bugs fixed in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6.\n * CVE-2023-6865: Potential exposure of uninitialized data in EncryptingOutputStream (bmo#1864123).\n * CVE-2023-6867: Clickjacking permission prompts using the popup transition (bmo#1863863).\n \n- Fixed: Various security fixes and other quality improvements MFSA 2023-50 (bsc#1217230)\n * CVE-2023-6204 (bmo#1841050)\n Out-of-bound memory access in WebGL2 blitFramebuffer\n * CVE-2023-6205 (bmo#1854076)\n Use-after-free in MessagePort::Entangled\n * CVE-2023-6206 (bmo#1857430)\n Clickjacking permission prompts using the fullscreen\n transition\n * CVE-2023-6207 (bmo#1861344)\n Use-after-free in ReadableByteStreamQueueEntry::Buffer\n * CVE-2023-6208 (bmo#1855345)\n Using Selection API would copy contents into X11 primary\n selection.\n * CVE-2023-6209 (bmo#1858570)\n Incorrect parsing of relative URLs starting with \u0027///\u0027\n * CVE-2023-6212 (bmo#1658432, bmo#1820983, bmo#1829252,\n bmo#1856072, bmo#1856091, bmo#1859030, bmo#1860943,\n bmo#1862782)\n Memory safety bugs fixed in Firefox 120, Firefox ESR 115.5,\n and Thunderbird 115.5",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4912,SUSE-SLE-SDK-12-SP5-2023-4912,SUSE-SLE-SERVER-12-SP5-2023-4912",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4912-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4912-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234912-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4912-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-December/017449.html"
},
{
"category": "self",
"summary": "SUSE Bug 1217230",
"url": "https://bugzilla.suse.com/1217230"
},
{
"category": "self",
"summary": "SUSE Bug 1217974",
"url": "https://bugzilla.suse.com/1217974"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6204 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6204/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6205 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6205/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6206 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6207 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6207/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6208 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6209 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6212 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6212/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6856 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6857 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6857/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6858 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6858/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6859 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6859/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6860 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6860/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6861 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6861/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6862 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6863 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6863/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6864 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6864/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6865 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6865/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-6867 page",
"url": "https://www.suse.com/security/cve/CVE-2023-6867/"
}
],
"title": "Security update for MozillaFirefox",
"tracking": {
"current_release_date": "2023-12-19T15:48:50Z",
"generator": {
"date": "2023-12-19T15:48:50Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4912-1",
"initial_release_date": "2023-12-19T15:48:50Z",
"revision_history": [
{
"date": "2023-12-19T15:48:50Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-115.6.0-112.194.1.aarch64",
"product": {
"name": "MozillaFirefox-115.6.0-112.194.1.aarch64",
"product_id": "MozillaFirefox-115.6.0-112.194.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-115.6.0-112.194.1.aarch64",
"product": {
"name": "MozillaFirefox-branding-upstream-115.6.0-112.194.1.aarch64",
"product_id": "MozillaFirefox-branding-upstream-115.6.0-112.194.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"product_id": "MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-115.6.0-112.194.1.aarch64",
"product": {
"name": "MozillaFirefox-translations-other-115.6.0-112.194.1.aarch64",
"product_id": "MozillaFirefox-translations-other-115.6.0-112.194.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"product": {
"name": "MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"product_id": "MozillaFirefox-devel-115.6.0-112.194.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-115.6.0-112.194.1.ppc64le",
"product": {
"name": "MozillaFirefox-115.6.0-112.194.1.ppc64le",
"product_id": "MozillaFirefox-115.6.0-112.194.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-115.6.0-112.194.1.ppc64le",
"product": {
"name": "MozillaFirefox-branding-upstream-115.6.0-112.194.1.ppc64le",
"product_id": "MozillaFirefox-branding-upstream-115.6.0-112.194.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"product_id": "MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-115.6.0-112.194.1.ppc64le",
"product": {
"name": "MozillaFirefox-translations-other-115.6.0-112.194.1.ppc64le",
"product_id": "MozillaFirefox-translations-other-115.6.0-112.194.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-115.6.0-112.194.1.s390x",
"product": {
"name": "MozillaFirefox-115.6.0-112.194.1.s390x",
"product_id": "MozillaFirefox-115.6.0-112.194.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-115.6.0-112.194.1.s390x",
"product": {
"name": "MozillaFirefox-branding-upstream-115.6.0-112.194.1.s390x",
"product_id": "MozillaFirefox-branding-upstream-115.6.0-112.194.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"product": {
"name": "MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"product_id": "MozillaFirefox-translations-common-115.6.0-112.194.1.s390x"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-115.6.0-112.194.1.s390x",
"product": {
"name": "MozillaFirefox-translations-other-115.6.0-112.194.1.s390x",
"product_id": "MozillaFirefox-translations-other-115.6.0-112.194.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "MozillaFirefox-115.6.0-112.194.1.x86_64",
"product": {
"name": "MozillaFirefox-115.6.0-112.194.1.x86_64",
"product_id": "MozillaFirefox-115.6.0-112.194.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-branding-upstream-115.6.0-112.194.1.x86_64",
"product": {
"name": "MozillaFirefox-branding-upstream-115.6.0-112.194.1.x86_64",
"product_id": "MozillaFirefox-branding-upstream-115.6.0-112.194.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"product_id": "MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64"
}
},
{
"category": "product_version",
"name": "MozillaFirefox-translations-other-115.6.0-112.194.1.x86_64",
"product": {
"name": "MozillaFirefox-translations-other-115.6.0-112.194.1.x86_64",
"product_id": "MozillaFirefox-translations-other-115.6.0-112.194.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-115.6.0-112.194.1.noarch as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
},
"product_reference": "MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-115.6.0-112.194.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64"
},
"product_reference": "MozillaFirefox-115.6.0-112.194.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-115.6.0-112.194.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le"
},
"product_reference": "MozillaFirefox-115.6.0-112.194.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-115.6.0-112.194.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x"
},
"product_reference": "MozillaFirefox-115.6.0-112.194.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-115.6.0-112.194.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64"
},
"product_reference": "MozillaFirefox-115.6.0-112.194.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-115.6.0-112.194.1.noarch as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
},
"product_reference": "MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-115.6.0-112.194.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-115.6.0-112.194.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64"
},
"product_reference": "MozillaFirefox-115.6.0-112.194.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-115.6.0-112.194.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le"
},
"product_reference": "MozillaFirefox-115.6.0-112.194.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-115.6.0-112.194.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x"
},
"product_reference": "MozillaFirefox-115.6.0-112.194.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-115.6.0-112.194.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64"
},
"product_reference": "MozillaFirefox-115.6.0-112.194.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-devel-115.6.0-112.194.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
},
"product_reference": "MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64"
},
"product_reference": "MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le"
},
"product_reference": "MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-115.6.0-112.194.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x"
},
"product_reference": "MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64"
},
"product_reference": "MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-6204",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6204"
}
],
"notes": [
{
"category": "general",
"text": "On some systems\u2014depending on the graphics settings and drivers\u2014it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. This vulnerability affects Firefox \u003c 120, Firefox ESR \u003c 115.5.0, and Thunderbird \u003c 115.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6204",
"url": "https://www.suse.com/security/cve/CVE-2023-6204"
},
{
"category": "external",
"summary": "SUSE Bug 1217230 for CVE-2023-6204",
"url": "https://bugzilla.suse.com/1217230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6204"
},
{
"cve": "CVE-2023-6205",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6205"
}
],
"notes": [
{
"category": "general",
"text": "It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash. This vulnerability affects Firefox \u003c 120, Firefox ESR \u003c 115.5.0, and Thunderbird \u003c 115.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6205",
"url": "https://www.suse.com/security/cve/CVE-2023-6205"
},
{
"category": "external",
"summary": "SUSE Bug 1217230 for CVE-2023-6205",
"url": "https://bugzilla.suse.com/1217230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6205"
},
{
"cve": "CVE-2023-6206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6206"
}
],
"notes": [
{
"category": "general",
"text": "The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox \u003c 120, Firefox ESR \u003c 115.5.0, and Thunderbird \u003c 115.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6206",
"url": "https://www.suse.com/security/cve/CVE-2023-6206"
},
{
"category": "external",
"summary": "SUSE Bug 1217230 for CVE-2023-6206",
"url": "https://bugzilla.suse.com/1217230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6206"
},
{
"cve": "CVE-2023-6207",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6207"
}
],
"notes": [
{
"category": "general",
"text": "Ownership mismanagement led to a use-after-free in ReadableByteStreams This vulnerability affects Firefox \u003c 120, Firefox ESR \u003c 115.5.0, and Thunderbird \u003c 115.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6207",
"url": "https://www.suse.com/security/cve/CVE-2023-6207"
},
{
"category": "external",
"summary": "SUSE Bug 1217230 for CVE-2023-6207",
"url": "https://bugzilla.suse.com/1217230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6207"
},
{
"cve": "CVE-2023-6208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6208"
}
],
"notes": [
{
"category": "general",
"text": "When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage not unlike the clipboard.\n*This bug only affects Firefox on X11. Other systems are unaffected.* This vulnerability affects Firefox \u003c 120, Firefox ESR \u003c 115.5.0, and Thunderbird \u003c 115.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6208",
"url": "https://www.suse.com/security/cve/CVE-2023-6208"
},
{
"category": "external",
"summary": "SUSE Bug 1217230 for CVE-2023-6208",
"url": "https://bugzilla.suse.com/1217230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6208"
},
{
"cve": "CVE-2023-6209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6209"
}
],
"notes": [
{
"category": "general",
"text": "Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal \"/../\" part in the path could be used to override the specified host. This could contribute to security problems in web sites. This vulnerability affects Firefox \u003c 120, Firefox ESR \u003c 115.5.0, and Thunderbird \u003c 115.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6209",
"url": "https://www.suse.com/security/cve/CVE-2023-6209"
},
{
"category": "external",
"summary": "SUSE Bug 1217230 for CVE-2023-6209",
"url": "https://bugzilla.suse.com/1217230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6209"
},
{
"cve": "CVE-2023-6212",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6212"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox \u003c 120, Firefox ESR \u003c 115.5.0, and Thunderbird \u003c 115.5.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6212",
"url": "https://www.suse.com/security/cve/CVE-2023-6212"
},
{
"category": "external",
"summary": "SUSE Bug 1217230 for CVE-2023-6212",
"url": "https://bugzilla.suse.com/1217230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6212"
},
{
"cve": "CVE-2023-6856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6856"
}
],
"notes": [
{
"category": "general",
"text": "The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution and sandbox escape. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6856",
"url": "https://www.suse.com/security/cve/CVE-2023-6856"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6856",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6856"
},
{
"cve": "CVE-2023-6857",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6857"
}
],
"notes": [
{
"category": "general",
"text": "When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. \n*This bug only affects Firefox on Unix-based operating systems (Android, Linux, MacOS). Windows is unaffected.* This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6857",
"url": "https://www.suse.com/security/cve/CVE-2023-6857"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6857",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6857"
},
{
"cve": "CVE-2023-6858",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6858"
}
],
"notes": [
{
"category": "general",
"text": "Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6858",
"url": "https://www.suse.com/security/cve/CVE-2023-6858"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6858",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6858"
},
{
"cve": "CVE-2023-6859",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6859"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6859",
"url": "https://www.suse.com/security/cve/CVE-2023-6859"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6859",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6859"
},
{
"cve": "CVE-2023-6860",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6860"
}
],
"notes": [
{
"category": "general",
"text": "The `VideoBridge` allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6860",
"url": "https://www.suse.com/security/cve/CVE-2023-6860"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6860",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6860"
},
{
"cve": "CVE-2023-6861",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6861"
}
],
"notes": [
{
"category": "general",
"text": "The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6861",
"url": "https://www.suse.com/security/cve/CVE-2023-6861"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6861",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6861"
},
{
"cve": "CVE-2023-6862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6862"
}
],
"notes": [
{
"category": "general",
"text": "A use-after-free was identified in the `nsDNSService::Init`. This issue appears to manifest rarely during start-up. This vulnerability affects Firefox ESR \u003c 115.6 and Thunderbird \u003c 115.6.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6862",
"url": "https://www.suse.com/security/cve/CVE-2023-6862"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6862",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6862"
},
{
"cve": "CVE-2023-6863",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6863"
}
],
"notes": [
{
"category": "general",
"text": "The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6863",
"url": "https://www.suse.com/security/cve/CVE-2023-6863"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6863",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6863"
},
{
"cve": "CVE-2023-6864",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6864"
}
],
"notes": [
{
"category": "general",
"text": "Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR \u003c 115.6, Thunderbird \u003c 115.6, and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6864",
"url": "https://www.suse.com/security/cve/CVE-2023-6864"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6864",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6864"
},
{
"cve": "CVE-2023-6865",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6865"
}
],
"notes": [
{
"category": "general",
"text": "`EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6865",
"url": "https://www.suse.com/security/cve/CVE-2023-6865"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6865",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6865"
},
{
"cve": "CVE-2023-6867",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-6867"
}
],
"notes": [
{
"category": "general",
"text": "The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click where the permission grant button would be about to appear. This vulnerability affects Firefox ESR \u003c 115.6 and Firefox \u003c 121.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-6867",
"url": "https://www.suse.com/security/cve/CVE-2023-6867"
},
{
"category": "external",
"summary": "SUSE Bug 1217974 for CVE-2023-6867",
"url": "https://bugzilla.suse.com/1217974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.aarch64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:MozillaFirefox-translations-common-115.6.0-112.194.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:MozillaFirefox-devel-115.6.0-112.194.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-12-19T15:48:50Z",
"details": "important"
}
],
"title": "CVE-2023-6867"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…