Explore top 10 tips to secure your open-source projects now. Read More
×
This update for MozillaFirefox fixes the following issues: Mozilla Firefox was updated to 102.3.0esr ESR (bsc#1200793, bsc#1201758, bsc#1202645, bsc#1203477): - CVE-2022-40959: Fixed bypassing FeaturePolicy restrictions on transient pages. - CVE-2022-40960: Fixed data-race when parsing non-UTF-8 URLs in threads. - CVE-2022-40958: Fixed bypassing secure context restriction for cookies with __Host and __Secure prefix. - CVE-2022-40956: Fixed content-security-policy base-uri bypass. - CVE-2022-40957: Fixed incoherent instruction cache when building WASM on ARM64. - CVE-2022-40962: Fixed memory safety bugs. - CVE-2022-38472: Fixed a potential address bar spoofing via XSLT error handling. - CVE-2022-38473: Fixed an issue where cross-origin XSLT documents could inherit the parent's permissions.
#1200793 #1201758 #1202645 #1203477
Cross- CVE-2022-2200 CVE-2022-2505 CVE-2022-34468
CVE-2022-34469 CVE-2022-34470 CVE-2022-34471
CVE-2022-34472 CVE-2022-34473 CVE-2022-34474
CVE-2022-34475 CVE-2022-34476 CVE-2022-34477
CVE-2022-34478 CVE-2022-34479 CVE-2022-34480
CVE-2022-34481 CVE-2022-34482 CVE-2022-34483
CVE-2022-34484 CVE-2022-34485 CVE-2022-36314
CVE-2022-36318 CVE-2022-36319 CVE-2022-38472
CVE-2022-38473 CVE-2022-38476 CVE-2022-38477
CVE-2022-38478 CVE-2022-40956 CVE-2022-40957
CVE-2022-40958 CVE-2022-40959 CVE-2022-40960
CVE-2022-40962
CVSS scores:
CVE-2022-2505 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
CVE-2022-34472 (SUSE): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Get the latest Linux and open source security news straight to your inbox.