{"affected":[{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"60.5.0esr-109.58.3","MozillaFirefox-branding-SLE":"60-32.5.1","MozillaFirefox-devel":"60.5.0esr-109.58.3","MozillaFirefox-translations-common":"60.5.0esr-109.58.3","libfreebl3":"3.41.1-58.25.1","libfreebl3-32bit":"3.41.1-58.25.1","libfreebl3-hmac":"3.41.1-58.25.1","libfreebl3-hmac-32bit":"3.41.1-58.25.1","libsoftokn3":"3.41.1-58.25.1","libsoftokn3-32bit":"3.41.1-58.25.1","libsoftokn3-hmac":"3.41.1-58.25.1","libsoftokn3-hmac-32bit":"3.41.1-58.25.1","mozilla-nss":"3.41.1-58.25.1","mozilla-nss-32bit":"3.41.1-58.25.1","mozilla-nss-certs":"3.41.1-58.25.1","mozilla-nss-certs-32bit":"3.41.1-58.25.1","mozilla-nss-devel":"3.41.1-58.25.1","mozilla-nss-sysinit":"3.41.1-58.25.1","mozilla-nss-sysinit-32bit":"3.41.1-58.25.1","mozilla-nss-tools":"3.41.1-58.25.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"60.5.0esr-109.58.3"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"60.5.0esr-109.58.3","MozillaFirefox-branding-SLE":"60-32.5.1","MozillaFirefox-devel":"60.5.0esr-109.58.3","MozillaFirefox-translations-common":"60.5.0esr-109.58.3","libfreebl3":"3.41.1-58.25.1","libfreebl3-32bit":"3.41.1-58.25.1","libfreebl3-hmac":"3.41.1-58.25.1","libfreebl3-hmac-32bit":"3.41.1-58.25.1","libsoftokn3":"3.41.1-58.25.1","libsoftokn3-32bit":"3.41.1-58.25.1","libsoftokn3-hmac":"3.41.1-58.25.1","libsoftokn3-hmac-32bit":"3.41.1-58.25.1","mozilla-nss":"3.41.1-58.25.1","mozilla-nss-32bit":"3.41.1-58.25.1","mozilla-nss-certs":"3.41.1-58.25.1","mozilla-nss-certs-32bit":"3.41.1-58.25.1","mozilla-nss-devel":"3.41.1-58.25.1","mozilla-nss-sysinit":"3.41.1-58.25.1","mozilla-nss-sysinit-32bit":"3.41.1-58.25.1","mozilla-nss-tools":"3.41.1-58.25.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","name":"MozillaFirefox-branding-SLE","purl":"pkg:rpm/suse/MozillaFirefox-branding-SLE&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"60-32.5.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"60.5.0esr-109.58.3","MozillaFirefox-branding-SLE":"60-32.5.1","MozillaFirefox-devel":"60.5.0esr-109.58.3","MozillaFirefox-translations-common":"60.5.0esr-109.58.3","libfreebl3":"3.41.1-58.25.1","libfreebl3-32bit":"3.41.1-58.25.1","libfreebl3-hmac":"3.41.1-58.25.1","libfreebl3-hmac-32bit":"3.41.1-58.25.1","libsoftokn3":"3.41.1-58.25.1","libsoftokn3-32bit":"3.41.1-58.25.1","libsoftokn3-hmac":"3.41.1-58.25.1","libsoftokn3-hmac-32bit":"3.41.1-58.25.1","mozilla-nss":"3.41.1-58.25.1","mozilla-nss-32bit":"3.41.1-58.25.1","mozilla-nss-certs":"3.41.1-58.25.1","mozilla-nss-certs-32bit":"3.41.1-58.25.1","mozilla-nss-devel":"3.41.1-58.25.1","mozilla-nss-sysinit":"3.41.1-58.25.1","mozilla-nss-sysinit-32bit":"3.41.1-58.25.1","mozilla-nss-tools":"3.41.1-58.25.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server for SAP Applications 12 SP1","name":"mozilla-nss","purl":"pkg:rpm/suse/mozilla-nss&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"3.41.1-58.25.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for MozillaFirefox fixes the following issues:\n\nSecurity issues fixed:\n\nCVE-2018-18500: Fixed a use-after-free parsing HTML5 stream (boo#1122983).\nCVE-2018-18501: Fixed multiple memory safety bugs (boo#1122983).\nCVE-2018-18505: Fixed a privilege escalation through IPC channel messages (boo#1122983).\n","id":"SUSE-SU-2019:0336-2","modified":"2019-04-12T16:05:52Z","published":"2019-04-12T16:05:52Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2019/suse-su-20190336-2/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1120374"},{"type":"REPORT","url":"https://bugzilla.suse.com/1122983"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-18500"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-18501"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-18505"}],"related":["CVE-2018-18500","CVE-2018-18501","CVE-2018-18505"],"summary":"Security update for MozillaFirefox","upstream":["CVE-2018-18500","CVE-2018-18501","CVE-2018-18505"]}