{"affected":[{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.4.0-112.83.1","MozillaFirefox-devel":"91.4.0-112.83.1","MozillaFirefox-translations-common":"91.4.0-112.83.1"}]},"package":{"ecosystem":"SUSE:HPE Helion OpenStack 8","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=HPE%20Helion%20OpenStack%208"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.4.0-112.83.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.4.0-112.83.1","MozillaFirefox-devel":"91.4.0-112.83.1","MozillaFirefox-translations-common":"91.4.0-112.83.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 8","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20OpenStack%20Cloud%208"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.4.0-112.83.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.4.0-112.83.1","MozillaFirefox-devel":"91.4.0-112.83.1","MozillaFirefox-translations-common":"91.4.0-112.83.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud 9","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20OpenStack%20Cloud%209"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.4.0-112.83.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.4.0-112.83.1","MozillaFirefox-devel":"91.4.0-112.83.1","MozillaFirefox-translations-common":"91.4.0-112.83.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud Crowbar 8","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20OpenStack%20Cloud%20Crowbar%208"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.4.0-112.83.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.4.0-112.83.1","MozillaFirefox-devel":"91.4.0-112.83.1","MozillaFirefox-translations-common":"91.4.0-112.83.1"}]},"package":{"ecosystem":"SUSE:OpenStack Cloud Crowbar 9","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.4.0-112.83.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.4.0-112.83.1","MozillaFirefox-devel":"91.4.0-112.83.1","MozillaFirefox-translations-common":"91.4.0-112.83.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP3","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.4.0-112.83.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.4.0-112.83.1","MozillaFirefox-devel":"91.4.0-112.83.1","MozillaFirefox-translations-common":"91.4.0-112.83.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP4","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.4.0-112.83.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox-devel":"91.4.0-112.83.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Software Development Kit 12 SP5","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.4.0-112.83.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.4.0-112.83.1","MozillaFirefox-devel":"91.4.0-112.83.1","MozillaFirefox-translations-common":"91.4.0-112.83.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP2-BCL","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.4.0-112.83.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.4.0-112.83.1","MozillaFirefox-devel":"91.4.0-112.83.1","MozillaFirefox-translations-common":"91.4.0-112.83.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP3-LTSS","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.4.0-112.83.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.4.0-112.83.1","MozillaFirefox-devel":"91.4.0-112.83.1","MozillaFirefox-translations-common":"91.4.0-112.83.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP3-BCL","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3-BCL"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.4.0-112.83.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.4.0-112.83.1","MozillaFirefox-devel":"91.4.0-112.83.1","MozillaFirefox-translations-common":"91.4.0-112.83.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP4-LTSS","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.4.0-112.83.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.4.0-112.83.1","MozillaFirefox-devel":"91.4.0-112.83.1","MozillaFirefox-translations-common":"91.4.0-112.83.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP5","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.4.0-112.83.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.4.0-112.83.1","MozillaFirefox-devel":"91.4.0-112.83.1","MozillaFirefox-translations-common":"91.4.0-112.83.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP5","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.4.0-112.83.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for MozillaFirefox fixes the following issues:\n                                                                                                                    \nUpdate to Extended Support Release 91.4.0 (bsc#1193485):                                                            \n                                                                                                                    \n- CVE-2021-43536: URL leakage when navigating while executing asynchronous function\n- CVE-2021-43537: Heap buffer overflow when using structured clone                         \n- CVE-2021-43538: Missing fullscreen and pointer lock notification when requesting both\n- CVE-2021-43539: GC rooting failure when calling wasm instance methods \n- CVE-2021-43541: External protocol handler parameters were unescaped                                                  \n- CVE-2021-43542: XMLHttpRequest error codes could have leaked the existence of an external protocol handler           \n- CVE-2021-43543: Bypass of CSP sandbox directive when embedding                                                       \n- CVE-2021-43545: Denial of Service when using the Location API in a loop                                              \n- CVE-2021-43546: Cursor spoofing could overlay user interface when native cursor is zoomed                         \n- Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4                                                       \n- Removed x-scheme-handler/ftp from MozillaFirefox.desktop (bsc#1193321)                                            \n","id":"SUSE-SU-2021:4000-1","modified":"2021-12-12T09:52:15Z","published":"2021-12-12T09:52:15Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2021/suse-su-20214000-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1193321"},{"type":"REPORT","url":"https://bugzilla.suse.com/1193485"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-43536"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-43537"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-43538"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-43539"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-43541"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-43542"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-43543"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-43545"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-43546"}],"related":["CVE-2021-43536","CVE-2021-43537","CVE-2021-43538","CVE-2021-43539","CVE-2021-43541","CVE-2021-43542","CVE-2021-43543","CVE-2021-43545","CVE-2021-43546"],"summary":"Security update for MozillaFirefox","upstream":["CVE-2021-43536","CVE-2021-43537","CVE-2021-43538","CVE-2021-43539","CVE-2021-43541","CVE-2021-43542","CVE-2021-43543","CVE-2021-43545","CVE-2021-43546"]}