Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2025-0045)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.10.2025.0045

Kategorie: Mageia Linux Local Security Checks

Titel: Mageia: Security Advisory (MGASA-2025-0045)

Zusammenfassung: The remote host is missing an update for the 'firefox, firefox-l10n, nss, rootcerts' package(s) announced via the MGASA-2025-0045 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'firefox, firefox-l10n, nss, rootcerts' package(s) announced via the MGASA-2025-0045 advisory.

Vulnerability Insight:
Use-after-free in XSLT. (CVE-2025-1009)
Use-after-free in Custom Highlight. (CVE-2025-1010)
A bug in WebAssembly code generation could result in a crash.
(CVE-2025-1011)
Use-after-free during concurrent delazification. (CVE-2025-1012)
Potential double-free vulnerability in PKCS#7 decryption handling.
(CVE-2024-11704)
Potential opening of private browsing tabs in normal browsing windows.
(CVE-2025-1013)
Certificate length was not properly checked. (CVE-2025-1014)
Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR
115.20, Firefox ESR 128.7, Thunderbird 115.20, and Thunderbird 128.7.
(CVE-2025-1016)
Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR
128.7, and Thunderbird 128.7. (CVE-2025-1017)

Affected Software/OS:
'firefox, firefox-l10n, nss, rootcerts' package(s) on Mageia 9.

Solution:
Please install the updated package(s).

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2024-11704
Common Vulnerability Exposure (CVE) ID: CVE-2025-1009
Common Vulnerability Exposure (CVE) ID: CVE-2025-1010
Common Vulnerability Exposure (CVE) ID: CVE-2025-1011
Common Vulnerability Exposure (CVE) ID: CVE-2025-1012
Common Vulnerability Exposure (CVE) ID: CVE-2025-1013
Common Vulnerability Exposure (CVE) ID: CVE-2025-1014
Common Vulnerability Exposure (CVE) ID: CVE-2025-1016
Common Vulnerability Exposure (CVE) ID: CVE-2025-1017

Copyright Copyright (C) 2025 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2025.0045
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2025-0045)
Zusammenfassung:	The remote host is missing an update for the 'firefox, firefox-l10n, nss, rootcerts' package(s) announced via the MGASA-2025-0045 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'firefox, firefox-l10n, nss, rootcerts' package(s) announced via the MGASA-2025-0045 advisory. Vulnerability Insight: Use-after-free in XSLT. (CVE-2025-1009) Use-after-free in Custom Highlight. (CVE-2025-1010) A bug in WebAssembly code generation could result in a crash. (CVE-2025-1011) Use-after-free during concurrent delazification. (CVE-2025-1012) Potential double-free vulnerability in PKCS#7 decryption handling. (CVE-2024-11704) Potential opening of private browsing tabs in normal browsing windows. (CVE-2025-1013) Certificate length was not properly checked. (CVE-2025-1014) Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 115.20, Firefox ESR 128.7, Thunderbird 115.20, and Thunderbird 128.7. (CVE-2025-1016) Memory safety bugs fixed in Firefox 135, Thunderbird 135, Firefox ESR 128.7, and Thunderbird 128.7. (CVE-2025-1017) Affected Software/OS: 'firefox, firefox-l10n, nss, rootcerts' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2024-11704 Common Vulnerability Exposure (CVE) ID: CVE-2025-1009 Common Vulnerability Exposure (CVE) ID: CVE-2025-1010 Common Vulnerability Exposure (CVE) ID: CVE-2025-1011 Common Vulnerability Exposure (CVE) ID: CVE-2025-1012 Common Vulnerability Exposure (CVE) ID: CVE-2025-1013 Common Vulnerability Exposure (CVE) ID: CVE-2025-1014 Common Vulnerability Exposure (CVE) ID: CVE-2025-1016 Common Vulnerability Exposure (CVE) ID: CVE-2025-1017
Copyright	Copyright (C) 2025 Greenbone AG