ALSA-2022:1287
See a problem?- Source
- https://errata.almalinux.org/8/ALSA-2022-1287.html
- Import Source
- https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2022:1287.json
- JSON Data
- https://api.osv.dev/v1/vulns/ALSA-2022:1287
- Related
- Published
- 2022-04-08T13:40:04Z
- Modified
- 2022-04-11T14:42:15Z
- Summary
- Important: firefox security update
- Details
-
Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability.
This update upgrades Firefox to version 91.8.0 ESR.
Security Fix(es):
Mozilla: Use-after-free in NSSToken objects (CVE-2022-1097)
Mozilla: Out of bounds write due to unexpected WebAuthN Extensions (CVE-2022-28281)
Mozilla: Memory safety bugs fixed in Firefox 99 and Firefox ESR 91.8 (CVE-2022-28289)
Mozilla: Use-after-free after VR Process destruction (CVE-2022-1196)
Mozilla: Use-after-free in DocumentL10n::TranslateDocument (CVE-2022-28282)
Mozilla: Incorrect AliasSet used in JIT Codegen (CVE-2022-28285)
Mozilla: Denial of Service via complex regular expressions (CVE-2022-24713)
Mozilla: iframe contents could be rendered outside the border (CVE-2022-28286)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
- References
-
- https://vulners.com/cve/CVE-2022-1097
- https://vulners.com/cve/CVE-2022-1196
- https://vulners.com/cve/CVE-2022-24713
- https://vulners.com/cve/CVE-2022-28281
- https://vulners.com/cve/CVE-2022-28282
- https://vulners.com/cve/CVE-2022-28285
- https://vulners.com/cve/CVE-2022-28286
- https://vulners.com/cve/CVE-2022-28289