vulnerability

Oracle Linux: CVE-2023-4580: ELSA-2023-4945: thunderbird security update (IMPORTANT) (Multiple Advisories)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:L/Au:N/C:P/I:P/A:N)	08/29/2023	05/21/2024	12/06/2024

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:N)

Published

08/29/2023

Added

05/21/2024

Modified

12/06/2024

Description

Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.
The Mozilla Foundation Security Advisory describes this flaw as:
Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information.

Solution(s)

oracle-linux-upgrade-firefoxoracle-linux-upgrade-firefox-x11oracle-linux-upgrade-thunderbird

References

CVE-2023-4580
https://attackerkb.com/topics/CVE-2023-4580
ELSA-ELSA-2023-4945
ELSA-ELSA-2023-5019
ELSA-ELSA-2023-4958
ELSA-ELSA-2023-4952
ELSA-ELSA-2023-4954
ELSA-ELSA-2023-4955

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today