Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:6716: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe’s srcdoc attribute was not blocked
  • CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag
  • CVE-2022-3034: Mozilla: An iframe element in an HTML email could trigger a network request
  • CVE-2022-36059: Mozilla: Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack
  • CVE-2022-40956: Mozilla: Content-Security-Policy base-uri bypass
  • CVE-2022-40957: Mozilla: Incoherent instruction cache when building WASM on ARM64
  • CVE-2022-40958: Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix
  • CVE-2022-40959: Mozilla: Bypassing FeaturePolicy restrictions on transient pages
  • CVE-2022-40960: Mozilla: Data-race when parsing non-UTF-8 URLs in threads
  • CVE-2022-40962: Mozilla: Memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3
Red Hat Security Data
#vulnerability#linux#red_hat#dos#firefox#sap

Issued:

2022-09-26

Updated:

2022-09-26

RHSA-2022:6716 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: thunderbird security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for thunderbird is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Mozilla Thunderbird is a standalone mail and newsgroup client.

This update upgrades Thunderbird to version 102.3.0.

Security Fix(es):

  • Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag (CVE-2022-3033)
  • Mozilla: Bypassing FeaturePolicy restrictions on transient pages (CVE-2022-40959)
  • Mozilla: Data-race when parsing non-UTF-8 URLs in threads (CVE-2022-40960)
  • Mozilla: Memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3 (CVE-2022-40962)
  • Mozilla: Remote content specified in an HTML document that was nested inside an iframe’s srcdoc attribute was not blocked (CVE-2022-3032)
  • Mozilla: An iframe element in an HTML email could trigger a network request (CVE-2022-3034)
  • Mozilla: Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack (CVE-2022-36059)
  • Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix (CVE-2022-40958)
  • Mozilla: Content-Security-Policy base-uri bypass (CVE-2022-40956)
  • Mozilla: Incoherent instruction cache when building WASM on ARM64 (CVE-2022-40957)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

All running instances of Thunderbird must be restarted for the update to take effect.

Affected Products

  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64

Fixes

  • BZ - 2123255 - CVE-2022-3032 Mozilla: Remote content specified in an HTML document that was nested inside an iframe’s srcdoc attribute was not blocked
  • BZ - 2123256 - CVE-2022-3033 Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag
  • BZ - 2123257 - CVE-2022-3034 Mozilla: An iframe element in an HTML email could trigger a network request
  • BZ - 2123258 - CVE-2022-36059 Mozilla: Matrix SDK bundled with Thunderbird vulnerable to denial-of-service attack
  • BZ - 2128792 - CVE-2022-40959 Mozilla: Bypassing FeaturePolicy restrictions on transient pages
  • BZ - 2128793 - CVE-2022-40960 Mozilla: Data-race when parsing non-UTF-8 URLs in threads
  • BZ - 2128794 - CVE-2022-40958 Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix
  • BZ - 2128795 - CVE-2022-40956 Mozilla: Content-Security-Policy base-uri bypass
  • BZ - 2128796 - CVE-2022-40957 Mozilla: Incoherent instruction cache when building WASM on ARM64
  • BZ - 2128797 - CVE-2022-40962 Mozilla: Memory safety bugs fixed in Firefox 105 and Firefox ESR 102.3

CVEs

  • CVE-2022-3032
  • CVE-2022-3033
  • CVE-2022-3034
  • CVE-2022-36059
  • CVE-2022-40956
  • CVE-2022-40957
  • CVE-2022-40958
  • CVE-2022-40959
  • CVE-2022-40960
  • CVE-2022-40962

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1

SRPM

thunderbird-102.3.0-3.el8_1.src.rpm

SHA-256: 94134fd67655b3c0d89817c33ed5e9ada15a4ce252c98403bcc415cdb5e872fb

ppc64le

thunderbird-102.3.0-3.el8_1.ppc64le.rpm

SHA-256: c9408eeb0b4ffad4b1673446a690f5bfd2827f4be7f729791d25b36980f2832a

thunderbird-debuginfo-102.3.0-3.el8_1.ppc64le.rpm

SHA-256: e5655219c37c613d1919f0d969727955458b256946e5832a3cbc1404f9eee7dc

thunderbird-debugsource-102.3.0-3.el8_1.ppc64le.rpm

SHA-256: 8a6189098ca96bc593af1f9d802c584706152208f7503da1c51ce697754b839e

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1

SRPM

thunderbird-102.3.0-3.el8_1.src.rpm

SHA-256: 94134fd67655b3c0d89817c33ed5e9ada15a4ce252c98403bcc415cdb5e872fb

x86_64

thunderbird-102.3.0-3.el8_1.x86_64.rpm

SHA-256: 27bdb50d8b258083bd60ccaf2dd99588156adcdeca6706ff54e3936518489b64

thunderbird-debuginfo-102.3.0-3.el8_1.x86_64.rpm

SHA-256: 201afd69350af31cf51e76bf417c7a47dfa53670c0b0373ad11321ddcca49c0e

thunderbird-debugsource-102.3.0-3.el8_1.x86_64.rpm

SHA-256: 82d03267a242307ac5870bdf36ae7edcad552e0bfe90ec6c3b2ac3162782a976

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

CVE-2023-28427: Security releases: matrix-js-sdk 24.0.0 and matrix-react-sdk 3.69.0 | Matrix.org

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 24.0.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This vulnerability is distinct from GHSA-rfv9-x7hh-xc32 which covers a similar issue. The issue has been patched in matrix-js-sdk 24.0.0 and users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE-2022-36059: Prototype pollution in matrix-js-sdk

matrix-js-sdk is a Matrix messaging protocol Client-Server SDK for JavaScript. In versions prior to 19.4.0 events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. This issue has been fixed in matrix-js-sdk 19.4.0 and users are advised to upgrade. Users unable to upgrade may mitigate this issue by redacting applicable events, waiting for the sync processor to store data, and restarting the client. Alternatively, redacting the applicable events and clearing all storage will often fix most perceived issues. In some cases, no workarounds are possible.

GHSA-rfv9-x7hh-xc32: matrix-js-sdk Prototype Pollution vulnerability

### Impact Events sent with special strings in key places can temporarily disrupt or impede the matrix-js-sdk from functioning properly, potentially impacting the consumer's ability to process data safely. Note that the matrix-js-sdk can appear to be operating normally but be excluding or corrupting runtime data presented to the consumer. ### Patches This is fixed in matrix-js-sdk 19.4.0. ### Workarounds Redacting applicable events, waiting for the sync processor to store data, and restarting the client can often fix it. Alternatively, redacting the applicable events and clearing all storage will often fix most perceived issues. In some cases, no workarounds are possible. ### References https://learn.snyk.io/lessons/prototype-pollution/javascript/ ### For more information If you have any questions or comments about this advisory please email us at [security at matrix.org](mailto:[email protected]).

CVE-2022-3032: Invalid Bug ID

When receiving an HTML email that contained an <code>iframe</code> element, which used a <code>srcdoc</code> attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1.

CVE-2022-3266: Security Vulnerabilities fixed in Thunderbird 102.3

An out-of-bounds read can occur when decoding H264 video. This results in a potentially exploitable crash. This vulnerability affects Firefox ESR < 102.3, Thunderbird < 102.3, and Firefox < 105.

CVE-2022-3033: Security Vulnerabilities fixed in Thunderbird 91.13.1

If a Thunderbird user replied to a crafted HTML email containing a <code>meta</code> tag, with the <code>meta</code> tag having the <code>http-equiv="refresh"</code> attribute, and the content attribute specifying an URL, then Thunderbird started a network request to that URL, regardless of the configuration to block remote content. In combination with certain other HTML elements and attributes in the email, it was possible to execute JavaScript code included in the message in the context of the message compose document. The JavaScript code was able to perform actions including, but probably not limited to, read and modify the contents of the message compose document, including the quoted original message, which could potentially contain the decrypted plaintext of encrypted data in the crafted email. The contents could then be transmitted to the network, either to the URL specified in the META refresh tag, or to a different URL, as the JavaScript code could modify the URL specified in ...

Ubuntu Security Notice USN-5663-1

Ubuntu Security Notice 5663-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, obtain sensitive information, spoof the contents of the addressbar, bypass security restrictions, or execute arbitrary code.

Gentoo Linux Security Advisory 202209-18

Gentoo Linux Security Advisory 202209-18 - Multiple vulnerabilities have been found in Mozilla Thunderbird, the world of which could result in arbitrary code execution. Versions less than 102.3.0 are affected.

Red Hat Security Advisory 2022-6700-01

Red Hat Security Advisory 2022-6700-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6700-01

Red Hat Security Advisory 2022-6700-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6700-01

Red Hat Security Advisory 2022-6700-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6700-01

Red Hat Security Advisory 2022-6700-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6701-01

Red Hat Security Advisory 2022-6701-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6701-01

Red Hat Security Advisory 2022-6701-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6701-01

Red Hat Security Advisory 2022-6701-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6701-01

Red Hat Security Advisory 2022-6701-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6702-01

Red Hat Security Advisory 2022-6702-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6702-01

Red Hat Security Advisory 2022-6702-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6702-01

Red Hat Security Advisory 2022-6702-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6702-01

Red Hat Security Advisory 2022-6702-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6702-01

Red Hat Security Advisory 2022-6702-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6702-01

Red Hat Security Advisory 2022-6702-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6703-01

Red Hat Security Advisory 2022-6703-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6703-01

Red Hat Security Advisory 2022-6703-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6707-01

Red Hat Security Advisory 2022-6707-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6707-01

Red Hat Security Advisory 2022-6707-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6707-01

Red Hat Security Advisory 2022-6707-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6707-01

Red Hat Security Advisory 2022-6707-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6707-01

Red Hat Security Advisory 2022-6707-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6707-01

Red Hat Security Advisory 2022-6707-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6708-01

Red Hat Security Advisory 2022-6708-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6708-01

Red Hat Security Advisory 2022-6708-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6708-01

Red Hat Security Advisory 2022-6708-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6708-01

Red Hat Security Advisory 2022-6708-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6708-01

Red Hat Security Advisory 2022-6708-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6708-01

Red Hat Security Advisory 2022-6708-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6708-01

Red Hat Security Advisory 2022-6708-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6708-01

Red Hat Security Advisory 2022-6708-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6708-01

Red Hat Security Advisory 2022-6708-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6708-01

Red Hat Security Advisory 2022-6708-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6710-01

Red Hat Security Advisory 2022-6710-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6710-01

Red Hat Security Advisory 2022-6710-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6710-01

Red Hat Security Advisory 2022-6710-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6710-01

Red Hat Security Advisory 2022-6710-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6710-01

Red Hat Security Advisory 2022-6710-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6710-01

Red Hat Security Advisory 2022-6710-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6710-01

Red Hat Security Advisory 2022-6710-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6710-01

Red Hat Security Advisory 2022-6710-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6710-01

Red Hat Security Advisory 2022-6710-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6710-01

Red Hat Security Advisory 2022-6710-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6711-01

Red Hat Security Advisory 2022-6711-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6711-01

Red Hat Security Advisory 2022-6711-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6711-01

Red Hat Security Advisory 2022-6711-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6711-01

Red Hat Security Advisory 2022-6711-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6711-01

Red Hat Security Advisory 2022-6711-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6711-01

Red Hat Security Advisory 2022-6711-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.3.0 ESR. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6713-01

Red Hat Security Advisory 2022-6713-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6713-01

Red Hat Security Advisory 2022-6713-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6713-01

Red Hat Security Advisory 2022-6713-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6713-01

Red Hat Security Advisory 2022-6713-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6713-01

Red Hat Security Advisory 2022-6713-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6713-01

Red Hat Security Advisory 2022-6713-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6713-01

Red Hat Security Advisory 2022-6713-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6713-01

Red Hat Security Advisory 2022-6713-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6713-01

Red Hat Security Advisory 2022-6713-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6715-01

Red Hat Security Advisory 2022-6715-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6715-01

Red Hat Security Advisory 2022-6715-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6715-01

Red Hat Security Advisory 2022-6715-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6715-01

Red Hat Security Advisory 2022-6715-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6715-01

Red Hat Security Advisory 2022-6715-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6715-01

Red Hat Security Advisory 2022-6715-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6715-01

Red Hat Security Advisory 2022-6715-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6715-01

Red Hat Security Advisory 2022-6715-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6715-01

Red Hat Security Advisory 2022-6715-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2022-6715-01

Red Hat Security Advisory 2022-6715-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 102.3.0. Issues addressed include a bypass vulnerability.

RHSA-2022:6717: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could trigger a network request * C...

RHSA-2022:6717: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could trigger a network request * C...

RHSA-2022:6717: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could trigger a network request * C...

RHSA-2022:6717: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could trigger a network request * C...

RHSA-2022:6717: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could trigger a network request * C...

RHSA-2022:6717: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could trigger a network request * C...

RHSA-2022:6717: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could trigger a network request * C...

RHSA-2022:6715: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could tri...

RHSA-2022:6715: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could tri...

RHSA-2022:6715: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could tri...

RHSA-2022:6715: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could tri...

RHSA-2022:6715: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could tri...

RHSA-2022:6715: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could tri...

RHSA-2022:6715: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could tri...

RHSA-2022:6715: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could tri...

RHSA-2022:6715: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could tri...

RHSA-2022:6715: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could tri...

RHSA-2022:6708: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could trigger a network request * C...

RHSA-2022:6710: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could trigger a network request * C...

RHSA-2022:6707: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40956: Mozilla: Content-Security-Policy base-uri bypass * CVE-2022-40957: Mozilla: Incoherent instruction cache when building WASM on ARM64 * CVE-2022-40958: Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix * CVE-2022-40959: Mozilla: Bypassing FeaturePolicy restrictions on transient pag...

RHSA-2022:6713: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-3032: Mozilla: Remote content specified in an HTML document that was nested inside an iframe's srcdoc attribute was not blocked * CVE-2022-3033: Mozilla: Leaking of sensitive information when composing a response to an HTML email with a META refresh tag * CVE-2022-3034: Mozilla: An iframe element in an HTML email could tri...

RHSA-2022:6702: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40956: Mozilla: Content-Security-Policy base-uri bypass * CVE-2022-40957: Mozilla: Incoherent instruction cache when building WASM on ARM64 * CVE-2022-40958: Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix * CVE-2022-40959: Mozilla: Bypassing FeaturePolicy restrictions on transient pages * CVE-2022-40960: Mozil...

RHSA-2022:6700: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40956: Mozilla: Content-Security-Policy base-uri bypass * CVE-2022-40957: Mozilla: Incoherent instruction cache when building WASM on ARM64 * CVE-2022-40958: Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix * CVE-2022-40959: Mozilla: Bypassing FeaturePolicy restrictions on transient pages * CVE-2022-40960: Mozil...

RHSA-2022:6703: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-40956: Mozilla: Content-Security-Policy base-uri bypass * CVE-2022-40957: Mozilla: Incoherent instruction cache when building WASM on ARM64 * CVE-2022-40958: Mozilla: Bypassing Secure Context restriction for cookies with __Host and __Secure prefix * CVE-2022-40959: Mozilla: Bypassing FeaturePolicy restrictions on tra...

Update Firefox and Thunderbird now! Mozilla patches several high risk vulnerabilities

Categories: Exploits and vulnerabilities Categories: News Tags: CVE-2022-40959 Tags: CVE-2022-40960 Tags: CVE-2022-40962 Tags: CVE-2022-3033 Tags: Mozilla Tags: Firefox Tags: Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird which could be exploited to take control of a system. (Read more...) The post Update Firefox and Thunderbird now! Mozilla patches several high risk vulnerabilities appeared first on Malwarebytes Labs.

Update Firefox and Thunderbird now! Mozilla patches several high risk vulnerabilities

Categories: Exploits and vulnerabilities Categories: News Tags: CVE-2022-40959 Tags: CVE-2022-40960 Tags: CVE-2022-40962 Tags: CVE-2022-3033 Tags: Mozilla Tags: Firefox Tags: Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird which could be exploited to take control of a system. (Read more...) The post Update Firefox and Thunderbird now! Mozilla patches several high risk vulnerabilities appeared first on Malwarebytes Labs.

Update Firefox and Thunderbird now! Mozilla patches several high risk vulnerabilities

Categories: Exploits and vulnerabilities Categories: News Tags: CVE-2022-40959 Tags: CVE-2022-40960 Tags: CVE-2022-40962 Tags: CVE-2022-3033 Tags: Mozilla Tags: Firefox Tags: Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird which could be exploited to take control of a system. (Read more...) The post Update Firefox and Thunderbird now! Mozilla patches several high risk vulnerabilities appeared first on Malwarebytes Labs.