#firefox

Red Hat Security Advisory 2024-2906-03 - An update for firefox is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-2887-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-2886-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-2885-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-2884-03 - An update for Firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-2883-03 - An update for firefox is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-2882-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-2881-03 - An update for firefox is now available for Red Hat Enterprise Linux 7. Issues addressed include bypass and use-after-free vulnerabilities.

Debian Linux Security Advisory 5691-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or clickjacking.

Today we are releasing Grafana 8.3.5 and 7.5.15. This patch release includes MEDIUM severity security fix for XSS for Grafana. Release v.8.3.5, only containing security fixes: - [Download Grafana 8.3.5](https://grafana.com/grafana/download/8.3.5) - [Release notes](https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-5/) Release v.7.5.15, only containing security fixes: - [Download Grafana 7.5.15](https://grafana.com/grafana/download/7.5.15) - [Release notes](https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-15/) ## XSS ([CVE-2022-21702](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-21702)) ### Summary On Jan. 16, an external security researcher, Jasu Viding contacted Grafana to disclose an XSS vulnerability in the way that Grafana handles data sources. An attacker could serve HTML content through the Grafana datasource or plugin proxy and trick a user to visit this HTML page using a specially crafted link and execute a Cross-si...