Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2019-11725: SUSE Linux Security Advisory

Back to Search

SUSE: CVE-2019-11725: SUSE Linux Security Advisory

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:P/A:N)

Published

07/09/2019

Created

10/10/2019

Added

10/08/2019

Modified

10/22/2021

Description

When a user navigates to site marked as unsafe by the Safebrowsing API, warning messages are displayed and navigation is interrupted but resources from the same site loaded through websockets are not blocked, leading to the loading of unsafe resources and bypassing safebrowsing protections. This vulnerability affects Firefox < 68.

Solution(s)

suse-upgrade-enigmail
suse-upgrade-firefox-atk-lang
suse-upgrade-firefox-gdk-pixbuf-lang
suse-upgrade-firefox-gdk-pixbuf-query-loaders
suse-upgrade-firefox-gdk-pixbuf-thumbnailer
suse-upgrade-firefox-gio-branding-upstream
suse-upgrade-firefox-glib2-lang
suse-upgrade-firefox-glib2-tools
suse-upgrade-firefox-gtk3-branding-upstream
suse-upgrade-firefox-gtk3-data
suse-upgrade-firefox-gtk3-immodule-amharic
suse-upgrade-firefox-gtk3-immodule-inuktitut
suse-upgrade-firefox-gtk3-immodule-multipress
suse-upgrade-firefox-gtk3-immodule-thai
suse-upgrade-firefox-gtk3-immodule-vietnamese
suse-upgrade-firefox-gtk3-immodule-xim
suse-upgrade-firefox-gtk3-immodules-tigrigna
suse-upgrade-firefox-gtk3-lang
suse-upgrade-firefox-gtk3-tools
suse-upgrade-firefox-libatk-1_0-0
suse-upgrade-firefox-libcairo-gobject2
suse-upgrade-firefox-libcairo2
suse-upgrade-firefox-libffi4
suse-upgrade-firefox-libffi7
suse-upgrade-firefox-libgdk_pixbuf-2_0-0
suse-upgrade-firefox-libgtk-3-0
suse-upgrade-firefox-libharfbuzz0
suse-upgrade-firefox-libpango-1_0-0
suse-upgrade-libfirefox-gio-2_0-0
suse-upgrade-libfirefox-glib-2_0-0
suse-upgrade-libfirefox-gmodule-2_0-0
suse-upgrade-libfirefox-gobject-2_0-0
suse-upgrade-libfirefox-gthread-2_0-0
suse-upgrade-libfreebl3
suse-upgrade-libfreebl3-32bit
suse-upgrade-libsoftokn3
suse-upgrade-libsoftokn3-32bit
suse-upgrade-mozilla-nspr
suse-upgrade-mozilla-nspr-32bit
suse-upgrade-mozilla-nspr-devel
suse-upgrade-mozilla-nss
suse-upgrade-mozilla-nss-32bit
suse-upgrade-mozilla-nss-certs
suse-upgrade-mozilla-nss-certs-32bit
suse-upgrade-mozilla-nss-devel
suse-upgrade-mozilla-nss-tools
suse-upgrade-mozillafirefox
suse-upgrade-mozillafirefox-branding-sle
suse-upgrade-mozillafirefox-branding-sled
suse-upgrade-mozillafirefox-branding-upstream
suse-upgrade-mozillafirefox-buildsymbols
suse-upgrade-mozillafirefox-devel
suse-upgrade-mozillafirefox-translations-common
suse-upgrade-mozillafirefox-translations-other
suse-upgrade-mozillathunderbird
suse-upgrade-mozillathunderbird-buildsymbols
suse-upgrade-mozillathunderbird-translations-common
suse-upgrade-mozillathunderbird-translations-other

References

SUSE-SU-2019:14246-1
SUSE-SU-2019:2515-1
SUSE-SU-2019:2545-1
SUSE-SU-2019:2620-1
CVE-2019-11725
USN-4054-1
USN-4054-2

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

SUSE: CVE-2019-11725: SUSE Linux Security Advisory