OESA-2024-1953

See a problem?
Please try reporting it to the source first.
Source
https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2024-1953
Import Source
https://repo.openeuler.org/security/data/osv/OESA-2024-1953.json
JSON Data
https://api.test.osv.dev/v1/vulns/OESA-2024-1953
Upstream
Published
2024-08-09T11:08:45Z
Modified
2025-08-12T05:44:43.350120Z
Summary
firefox security update
Details

Mozilla Firefox is a standalone web browser, designed for standards compliance and performance. Its functionality can be enhanced via a plethora of extensions.

Security Fix(es):

Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Firefox < 125, Firefox ESR < 115.10, and Thunderbird < 115.10.(CVE-2024-3864)

When saving a page to PDF, certain font styles could have led to a potential use-after-free crash. This vulnerability affects Firefox < 126, Firefox ESR < 115.11, and Thunderbird < 115.11.(CVE-2024-4770)

By manipulating the text in an &amp;lt;input&amp;gt; tag, an attacker could have caused corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.(CVE-2024-5696)

Database specific 
{
    "severity": "High"
}
References

Affected packages

openEuler:24.03-LTS / firefox

Package

Name
firefox
Purl
pkg:rpm/openEuler/firefox&distro=openEuler-24.03-LTS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
115.13.0-2.oe2403

Ecosystem specific 

{
    "aarch64": [
        "firefox-115.13.0-2.oe2403.aarch64.rpm",
        "firefox-debuginfo-115.13.0-2.oe2403.aarch64.rpm",
        "firefox-debugsource-115.13.0-2.oe2403.aarch64.rpm"
    ],
    "x86_64": [
        "firefox-115.13.0-2.oe2403.x86_64.rpm",
        "firefox-debuginfo-115.13.0-2.oe2403.x86_64.rpm",
        "firefox-debugsource-115.13.0-2.oe2403.x86_64.rpm"
    ],
    "src": [
        "firefox-115.13.0-2.oe2403.src.rpm"
    ]
}