{"affected":[{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.9.0-150200.152.33.1","MozillaFirefox-devel":"91.9.0-150200.152.33.1","MozillaFirefox-translations-common":"91.9.0-150200.152.33.1","MozillaFirefox-translations-other":"91.9.0-150200.152.33.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Desktop Applications 15 SP3","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.9.0-150200.152.33.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.9.0-150200.152.33.1","MozillaFirefox-devel":"91.9.0-150200.152.33.1","MozillaFirefox-translations-common":"91.9.0-150200.152.33.1","MozillaFirefox-translations-other":"91.9.0-150200.152.33.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Desktop Applications 15 SP4","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.9.0-150200.152.33.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.9.0-150200.152.33.1","MozillaFirefox-devel":"91.9.0-150200.152.33.1","MozillaFirefox-translations-common":"91.9.0-150200.152.33.1","MozillaFirefox-translations-other":"91.9.0-150200.152.33.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP2-ESPOS","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.9.0-150200.152.33.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.9.0-150200.152.33.1","MozillaFirefox-devel":"91.9.0-150200.152.33.1","MozillaFirefox-translations-common":"91.9.0-150200.152.33.1","MozillaFirefox-translations-other":"91.9.0-150200.152.33.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise High Performance Computing 15 SP2-LTSS","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.9.0-150200.152.33.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.9.0-150200.152.33.1","MozillaFirefox-devel":"91.9.0-150200.152.33.1","MozillaFirefox-translations-common":"91.9.0-150200.152.33.1","MozillaFirefox-translations-other":"91.9.0-150200.152.33.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP2-BCL","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCL"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.9.0-150200.152.33.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.9.0-150200.152.33.1","MozillaFirefox-devel":"91.9.0-150200.152.33.1","MozillaFirefox-translations-common":"91.9.0-150200.152.33.1","MozillaFirefox-translations-other":"91.9.0-150200.152.33.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 15 SP2-LTSS","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.9.0-150200.152.33.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.9.0-150200.152.33.1","MozillaFirefox-devel":"91.9.0-150200.152.33.1","MozillaFirefox-translations-common":"91.9.0-150200.152.33.1","MozillaFirefox-translations-other":"91.9.0-150200.152.33.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 15 SP2","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.9.0-150200.152.33.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.9.0-150200.152.33.1","MozillaFirefox-devel":"91.9.0-150200.152.33.1","MozillaFirefox-translations-common":"91.9.0-150200.152.33.1","MozillaFirefox-translations-other":"91.9.0-150200.152.33.1"}]},"package":{"ecosystem":"SUSE:Manager Proxy 4.1","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Manager%20Proxy%204.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.9.0-150200.152.33.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.9.0-150200.152.33.1","MozillaFirefox-devel":"91.9.0-150200.152.33.1","MozillaFirefox-translations-common":"91.9.0-150200.152.33.1","MozillaFirefox-translations-other":"91.9.0-150200.152.33.1"}]},"package":{"ecosystem":"SUSE:Manager Retail Branch Server 4.1","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.9.0-150200.152.33.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.9.0-150200.152.33.1","MozillaFirefox-devel":"91.9.0-150200.152.33.1","MozillaFirefox-translations-common":"91.9.0-150200.152.33.1","MozillaFirefox-translations-other":"91.9.0-150200.152.33.1"}]},"package":{"ecosystem":"SUSE:Manager Server 4.1","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Manager%20Server%204.1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.9.0-150200.152.33.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.9.0-150200.152.33.1","MozillaFirefox-devel":"91.9.0-150200.152.33.1","MozillaFirefox-translations-common":"91.9.0-150200.152.33.1","MozillaFirefox-translations-other":"91.9.0-150200.152.33.1"}]},"package":{"ecosystem":"SUSE:Enterprise Storage 7","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Enterprise%20Storage%207"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.9.0-150200.152.33.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.9.0-150200.152.33.1","MozillaFirefox-branding-upstream":"91.9.0-150200.152.33.1","MozillaFirefox-devel":"91.9.0-150200.152.33.1","MozillaFirefox-translations-common":"91.9.0-150200.152.33.1","MozillaFirefox-translations-other":"91.9.0-150200.152.33.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.3","name":"MozillaFirefox","purl":"pkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Leap%2015.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.9.0-150200.152.33.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"91.9.0-150200.152.33.1","MozillaFirefox-branding-upstream":"91.9.0-150200.152.33.1","MozillaFirefox-devel":"91.9.0-150200.152.33.1","MozillaFirefox-translations-common":"91.9.0-150200.152.33.1","MozillaFirefox-translations-other":"91.9.0-150200.152.33.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.4","name":"MozillaFirefox","purl":"pkg:rpm/opensuse/MozillaFirefox&distro=openSUSE%20Leap%2015.4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"91.9.0-150200.152.33.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for MozillaFirefox fixes the following issues:\n\nFirefox Extended Support Release 91.9.0 ESR\n\nMFSA 2022-17 (bsc#1198970)\n\n* CVE-2022-29914: Fullscreen notification bypass using popups\n* CVE-2022-29909: Bypassing permission prompt in nested browsing contexts\n* CVE-2022-29916: Leaking browser history with CSS variables\n* CVE-2022-29911: iframe Sandbox bypass\n* CVE-2022-29912: Reader mode bypassed SameSite cookies\n* CVE-2022-29917: Memory safety bugs fixed in Firefox 100 and Firefox ESR 91.9\n\n","id":"SUSE-RU-2022:1579-1","modified":"2022-05-09T15:22:27Z","published":"2022-05-09T15:22:27Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/-2022-1579/suse-ru-20221579-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1198970"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-29909"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-29911"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-29912"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-29914"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-29916"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2022-29917"}],"related":["CVE-2022-29909","CVE-2022-29911","CVE-2022-29912","CVE-2022-29914","CVE-2022-29916","CVE-2022-29917"],"summary":"Recommended update for MozillaFirefox","upstream":["CVE-2022-29909","CVE-2022-29911","CVE-2022-29912","CVE-2022-29914","CVE-2022-29916","CVE-2022-29917"]}