{"affected":[{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"102.8.0-150200.152.78.1","MozillaFirefox-devel":"102.8.0-150200.152.78.1","MozillaFirefox-translations-common":"102.8.0-150200.152.78.1","MozillaFirefox-translations-other":"102.8.0-150200.152.78.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Desktop Applications 15 SP4","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"102.8.0-150200.152.78.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"102.8.0-150200.152.78.1","MozillaFirefox-devel":"102.8.0-150200.152.78.1","MozillaFirefox-translations-common":"102.8.0-150200.152.78.1","MozillaFirefox-translations-other":"102.8.0-150200.152.78.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSS","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"102.8.0-150200.152.78.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"102.8.0-150200.152.78.1","MozillaFirefox-devel":"102.8.0-150200.152.78.1","MozillaFirefox-translations-common":"102.8.0-150200.152.78.1","MozillaFirefox-translations-other":"102.8.0-150200.152.78.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP3-ESPOS","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"102.8.0-150200.152.78.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"102.8.0-150200.152.78.1","MozillaFirefox-devel":"102.8.0-150200.152.78.1","MozillaFirefox-translations-common":"102.8.0-150200.152.78.1","MozillaFirefox-translations-other":"102.8.0-150200.152.78.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP3-LTSS","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"102.8.0-150200.152.78.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"102.8.0-150200.152.78.1","MozillaFirefox-devel":"102.8.0-150200.152.78.1","MozillaFirefox-translations-common":"102.8.0-150200.152.78.1","MozillaFirefox-translations-other":"102.8.0-150200.152.78.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Real Time 15 SP3","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"102.8.0-150200.152.78.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"102.8.0-150200.152.78.1","MozillaFirefox-devel":"102.8.0-150200.152.78.1","MozillaFirefox-translations-common":"102.8.0-150200.152.78.1","MozillaFirefox-translations-other":"102.8.0-150200.152.78.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP2-LTSS","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"102.8.0-150200.152.78.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"102.8.0-150200.152.78.1","MozillaFirefox-devel":"102.8.0-150200.152.78.1","MozillaFirefox-translations-common":"102.8.0-150200.152.78.1","MozillaFirefox-translations-other":"102.8.0-150200.152.78.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP3-LTSS","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"102.8.0-150200.152.78.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"102.8.0-150200.152.78.1","MozillaFirefox-devel":"102.8.0-150200.152.78.1","MozillaFirefox-translations-common":"102.8.0-150200.152.78.1","MozillaFirefox-translations-other":"102.8.0-150200.152.78.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP2","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"102.8.0-150200.152.78.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"102.8.0-150200.152.78.1","MozillaFirefox-devel":"102.8.0-150200.152.78.1","MozillaFirefox-translations-common":"102.8.0-150200.152.78.1","MozillaFirefox-translations-other":"102.8.0-150200.152.78.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP3","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"102.8.0-150200.152.78.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"102.8.0-150200.152.78.1","MozillaFirefox-devel":"102.8.0-150200.152.78.1","MozillaFirefox-translations-common":"102.8.0-150200.152.78.1","MozillaFirefox-translations-other":"102.8.0-150200.152.78.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 7","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Enterprise%20Storage%207"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"102.8.0-150200.152.78.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"102.8.0-150200.152.78.1","MozillaFirefox-devel":"102.8.0-150200.152.78.1","MozillaFirefox-translations-common":"102.8.0-150200.152.78.1","MozillaFirefox-translations-other":"102.8.0-150200.152.78.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 7.1","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Enterprise%20Storage%207.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"102.8.0-150200.152.78.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"102.8.0-150200.152.78.1","MozillaFirefox-branding-upstream":"102.8.0-150200.152.78.1","MozillaFirefox-devel":"102.8.0-150200.152.78.1","MozillaFirefox-translations-common":"102.8.0-150200.152.78.1","MozillaFirefox-translations-other":"102.8.0-150200.152.78.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.4","name":"MozillaFirefox","purl":"pkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Leap%2015.4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"102.8.0-150200.152.78.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for MozillaFirefox fixes the following issues:\n\n  Updated to version 102.8.0 ESR (bsc#1208144):\n\n  - CVE-2023-25728: Fixed content security policy leak in violation reports using iframes.\n  - CVE-2023-25730: Fixed screen hijack via browser fullscreen mode.\n  - CVE-2023-25743: Fixed Fullscreen notification not being shown in Firefox Focus.\n  - CVE-2023-0767: Fixed arbitrary memory write via PKCS 12 in NSS.\n  - CVE-2023-25735: Fixed potential use-after-free from compartment mismatch in SpiderMonkey.\n  - CVE-2023-25737: Fixed invalid downcast in SVGUtils::SetupStrokeGeometry.\n  - CVE-2023-25738: Fixed printing on Windows which could potentially crash Firefox with some device drivers.\n  - CVE-2023-25739: Fixed use-after-free in mozilla::dom::ScriptLoadContext::~ScriptLoadContext.\n  - CVE-2023-25729: Fixed extensions opening external schemes without user knowledge.\n  - CVE-2023-25732: Fixed out of bounds memory write from EncodeInputStream.\n  - CVE-2023-25734: Fixed opening local .url files that causes unexpected network loads.\n  - CVE-2023-25742: Fixed tab crash by Web Crypto ImportKey.\n  - CVE-2023-25744: Fixed Memory safety bugs.\n  - CVE-2023-25746: Fixed Memory safety bugs.\n\n","id":"SUSE-SU-2023:0461-1","modified":"2023-02-20T13:36:24Z","published":"2023-02-20T13:36:24Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20230461-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1208138"},{"type":"REPORT","url":"https://bugzilla.suse.com/1208144"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-0767"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-25728"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-25729"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-25730"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-25732"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-25734"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-25735"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-25737"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-25738"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-25739"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-25742"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-25743"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-25744"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-25746"}],"related":["CVE-2023-0767","CVE-2023-25728","CVE-2023-25729","CVE-2023-25730","CVE-2023-25732","CVE-2023-25734","CVE-2023-25735","CVE-2023-25737","CVE-2023-25738","CVE-2023-25739","CVE-2023-25742","CVE-2023-25743","CVE-2023-25744","CVE-2023-25746"],"summary":"Security update for MozillaFirefox","upstream":["CVE-2023-0767","CVE-2023-25728","CVE-2023-25729","CVE-2023-25730","CVE-2023-25732","CVE-2023-25734","CVE-2023-25735","CVE-2023-25737","CVE-2023-25738","CVE-2023-25739","CVE-2023-25742","CVE-2023-25743","CVE-2023-25744","CVE-2023-25746"]}