Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in Firefox.
Software Description:
- firefox: Mozilla Open Source web browser
Details:
Christian Holler discovered that Firefox did not properly manage memory
when using PKCS 12 Safe Bag attributes. An attacker could construct a
PKCS 12 cert bundle in such a way that could allow for arbitrary memory
writes. (CVE-2023-0767)
Johan Carlsson discovered that Firefox did not properly manage child
iframe's unredacted URI when using Content-Security-Policy-Report-Only
header. An attacker could potentially exploits this to obtain sensitive
information. (CVE-2023-25728)
Vitor Torres discovered that Firefox did not properly manage permissions
of extensions interaction via ExpandedPrincipals. An attacker could
potentially exploits this issue to download malicious files or execute
arbitrary code. (CVE-2023-25729)
Irvan Kurniawan discovered that Firefox did not properly validate
background script invoking requestFullscreen. An attacker could
potentially ex...
The problem can be corrected by updating your system to the following package versions: Ubuntu 20.04 LTS: firefox 110.0+build3-0ubuntu0.20.04.1 Ubuntu 18.04 LTS: firefox 110.0+build3-0ubuntu0.18.04.1 After a standard system update you need to restart Firefox to make all the necessary changes.
https://ubuntu.com/security/notices/USN-5880-1
CVE-2023-0767, CVE-2023-25728, CVE-2023-25729, CVE-2023-25730,
CVE-2023-25731, CVE-2023-25732, CVE-2023-25733, CVE-2023-25735,
CVE-2023-25736, CVE-2023-25737, CVE-2023-25739, CVE-2023-25741,
CVE-2023-25742, CVE-2023-25744, CVE-2023-25745
Get the latest Linux and open source security news straight to your inbox.