{"affected":[{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"115.5.0-150000.150.116.1","MozillaFirefox-devel":"115.5.0-150000.150.116.1","MozillaFirefox-translations-common":"115.5.0-150000.150.116.1","MozillaFirefox-translations-other":"115.5.0-150000.150.116.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP1-LTSS","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"115.5.0-150000.150.116.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"115.5.0-150000.150.116.1","MozillaFirefox-devel":"115.5.0-150000.150.116.1","MozillaFirefox-translations-common":"115.5.0-150000.150.116.1","MozillaFirefox-translations-other":"115.5.0-150000.150.116.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP1-LTSS","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"115.5.0-150000.150.116.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"115.5.0-150000.150.116.1","MozillaFirefox-devel":"115.5.0-150000.150.116.1","MozillaFirefox-translations-common":"115.5.0-150000.150.116.1","MozillaFirefox-translations-other":"115.5.0-150000.150.116.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP1","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"115.5.0-150000.150.116.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for MozillaFirefox fixes the following issues:\n\n- Firefox Extended Support Release 115.5.0 ESR Placeholder changelog-entry (bsc#1217230)\n                                                                                               \n  * Fixed: Various security fixes and other quality improvements. MFSA 2023-46 (bsc#1216338)\n  * CVE-2023-5721: Queued up rendering could have allowed websites to clickjack\n  * CVE-2023-5732: Address bar spoofing via bidirectional characters\n  * CVE-2023-5724: Large WebGL draw could have led to a crash\n  * CVE-2023-5725: WebExtensions could open arbitrary URLs               \n  * CVE-2023-5726: Full screen notification obscured by file open dialog on macOS\n  * CVE-2023-5727: Download Protections were bypassed by .msix, .msixbundle, .appx, and .appxbundle files on Windows\n  * CVE-2023-5728: Improper object tracking during GC in the JavaScript engine could have led to a crash.\n  * CVE-2023-5730: Memory safety bugs fixed in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4.1\n","id":"SUSE-SU-2023:4533-1","modified":"2023-11-22T18:20:49Z","published":"2023-11-22T18:20:49Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20234533-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1216338"},{"type":"REPORT","url":"https://bugzilla.suse.com/1217230"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-5721"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-5724"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-5725"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-5726"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-5727"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-5728"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-5730"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-5732"}],"related":["CVE-2023-5721","CVE-2023-5724","CVE-2023-5725","CVE-2023-5726","CVE-2023-5727","CVE-2023-5728","CVE-2023-5730","CVE-2023-5732"],"summary":"Security update for MozillaFirefox","upstream":["CVE-2023-5721","CVE-2023-5724","CVE-2023-5725","CVE-2023-5726","CVE-2023-5727","CVE-2023-5728","CVE-2023-5730","CVE-2023-5732"]}