openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2025:0059-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.856913

Categoría: openSUSE Local Security Checks

Título: openSUSE Security Advisory (SUSE-SU-2025:0059-1)

Resumen: The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2025:0059-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2025:0059-1 advisory.

Vulnerability Insight:
This update for MozillaFirefox fixes the following issues:

- Firefox Extended Support Release 128.6.0 ESR
* Fixed: Various security fixes.

MFSA 2025-02 (bsc#1234991)
* CVE-2025-0237 (bmo#1915257)
WebChannel APIs susceptible to confused deputy attack
* CVE-2025-0238 (bmo#1915535)
Use-after-free when breaking lines
* CVE-2025-0239 (bmo#1929156)
Alt-Svc ALPN validation failure when redirected
* CVE-2025-0240 (bmo#1929623)
Compartment mismatch when parsing JavaScript JSON module
* CVE-2025-0241 (bmo#1933023)
Memory corruption when using JavaScript Text Segmentation
* CVE-2025-0242 (bmo#1874523, bmo#1926454, bmo#1931873,
bmo#1932169)
Memory safety bugs fixed in Firefox 134, Thunderbird 134,
Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19,
and Thunderbird 128.6
* CVE-2025-0243 (bmo#1827142, bmo#1932783)
Memory safety bugs fixed in Firefox 134, Thunderbird 134,
Firefox ESR 128.6, and Thunderbird 128.6

- Firefox Extended Support Release 128.5.2 ESR
* Fixed: Fixed a crash experienced by Windows users with Qihoo
360 Total Security Antivirus software installed (bmo#1934258)

Affected Software/OS:
'MozillaFirefox' package(s) on openSUSE Leap 15.6.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:N/A:N

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2025-0237
Common Vulnerability Exposure (CVE) ID: CVE-2025-0238
Common Vulnerability Exposure (CVE) ID: CVE-2025-0239
Common Vulnerability Exposure (CVE) ID: CVE-2025-0240
Common Vulnerability Exposure (CVE) ID: CVE-2025-0241
Common Vulnerability Exposure (CVE) ID: CVE-2025-0242
Common Vulnerability Exposure (CVE) ID: CVE-2025-0243

Copyright Copyright (C) 2025 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.856913
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2025:0059-1)
Resumen:	The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2025:0059-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'MozillaFirefox' package(s) announced via the SUSE-SU-2025:0059-1 advisory. Vulnerability Insight: This update for MozillaFirefox fixes the following issues: - Firefox Extended Support Release 128.6.0 ESR * Fixed: Various security fixes. MFSA 2025-02 (bsc#1234991) * CVE-2025-0237 (bmo#1915257) WebChannel APIs susceptible to confused deputy attack * CVE-2025-0238 (bmo#1915535) Use-after-free when breaking lines * CVE-2025-0239 (bmo#1929156) Alt-Svc ALPN validation failure when redirected * CVE-2025-0240 (bmo#1929623) Compartment mismatch when parsing JavaScript JSON module * CVE-2025-0241 (bmo#1933023) Memory corruption when using JavaScript Text Segmentation * CVE-2025-0242 (bmo#1874523, bmo#1926454, bmo#1931873, bmo#1932169) Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6 * CVE-2025-0243 (bmo#1827142, bmo#1932783) Memory safety bugs fixed in Firefox 134, Thunderbird 134, Firefox ESR 128.6, and Thunderbird 128.6 - Firefox Extended Support Release 128.5.2 ESR * Fixed: Fixed a crash experienced by Windows users with Qihoo 360 Total Security Antivirus software installed (bmo#1934258) Affected Software/OS: 'MozillaFirefox' package(s) on openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2025-0237 Common Vulnerability Exposure (CVE) ID: CVE-2025-0238 Common Vulnerability Exposure (CVE) ID: CVE-2025-0239 Common Vulnerability Exposure (CVE) ID: CVE-2025-0240 Common Vulnerability Exposure (CVE) ID: CVE-2025-0241 Common Vulnerability Exposure (CVE) ID: CVE-2025-0242 Common Vulnerability Exposure (CVE) ID: CVE-2025-0243
Copyright	Copyright (C) 2025 Greenbone AG