Oval Definition:oval:org.opensuse.security:def:202323602
Revision Date:2023-06-22Version:1
Title:CVE-2023-23602
Description:

A mishandled security check when creating a WebSocket in a WebWorker caused the Content Security Policy connect-src header to be ignored. This could lead to connections to restricted origins from inside WebWorkers. This vulnerability affects Firefox < 109, Thunderbird < 102.7, and Firefox ESR < 102.7.
Family:unixClass:vulnerability
Status:Reference(s):Mitre CVE-2023-23602
SUSE CVE-2023-23602
SUSE-SU-2023:0111-1
SUSE-SU-2023:0112-1
SUSE-SU-2023:0113-1
SUSE-SU-2023:0329-1
Platform(s):SUSE Linux Enterprise Desktop 15 SP5
SUSE Linux Enterprise High Performance Computing 15 SP5
SUSE Linux Enterprise Module for Desktop Applications 15 SP5
SUSE Linux Enterprise Server 15 SP5
SUSE Linux Enterprise Server for SAP Applications 15 SP5
SUSE Linux Enterprise Workstation Extension 15 SP5
Product(s):
Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • OR SUSE Linux Enterprise Workstation Extension 15 SP5 is installed
  • AND
  • MozillaThunderbird is affected
  • OR MozillaThunderbird-translations-common is affected
  • OR MozillaThunderbird-translations-other is affected
  • OR Package Information
  • SUSE Linux Enterprise Desktop 15 SP5 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed
  • OR SUSE Linux Enterprise Module for Desktop Applications 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • AND
  • MozillaFirefox-102.11.0-150200.152.87.1 is installed
  • OR MozillaFirefox-devel-102.11.0-150200.152.87.1 is installed
  • OR MozillaFirefox-translations-common-102.11.0-150200.152.87.1 is installed
  • OR MozillaFirefox-translations-other-102.11.0-150200.152.87.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Desktop 15 SP5 is installed
  • OR SUSE Linux Enterprise High Performance Computing 15 SP5 is installed
  • OR SUSE Linux Enterprise Module for Desktop Applications 15 SP5 is installed
  • OR SUSE Linux Enterprise Server 15 SP5 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP5 is installed
  • AND Package Information
  • MozillaFirefox-102.11.0-150200.152.87.1 is installed
  • OR MozillaFirefox-devel-102.11.0-150200.152.87.1 is installed
  • OR MozillaFirefox-translations-common-102.11.0-150200.152.87.1 is installed
  • OR MozillaFirefox-translations-other-102.11.0-150200.152.87.1 is installed
    • BACK