{"affected":[{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"128.11.0-112.262.1","MozillaFirefox-devel":"128.11.0-112.262.1","MozillaFirefox-translations-common":"128.11.0-112.262.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server 12 SP5-LTSS","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"128.11.0-112.262.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"MozillaFirefox":"128.11.0-112.262.1","MozillaFirefox-devel":"128.11.0-112.262.1","MozillaFirefox-translations-common":"128.11.0-112.262.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Server LTSS Extended Security 12 SP5","name":"MozillaFirefox","purl":"pkg:rpm/suse/MozillaFirefox&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"128.11.0-112.262.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for MozillaFirefox fixes the following issues:\n\nUpdate to Mozilla Firefox ESR 128.11 (MFSA 2025-44, bsc#1243353):\n\n - MFSA-TMP-2025-0001: Double-free in libvpx encoder (bmo#1962421)\n - CVE-2025-5263: Error handling for script execution was incorrectly isolated from web content (bmo#1960745)\n - CVE-2025-5264: Potential local code execution in 'Copy as cURL' command (bmo#1950001)\n - CVE-2025-5265: Potential local code execution in 'Copy as cURL' command (bmo#1962301)\n - CVE-2025-5266: Script element events leaked cross-origin resource status (bmo#1965628)\n - CVE-2025-5267: Clickjacking vulnerability could have led to leaking saved payment card details (bmo#1954137)\n - CVE-2025-5268: Memory safety bugs fixed in Firefox 139, Thunderbird 139, Firefox ESR 128.11, and Thunderbird 128.11 (bmo#1950136, bmo#1958121, bmo#1960499, bmo#1962634)\n - CVE-2025-5269: Memory safety bug fixed in Firefox ESR 128.11 and Thunderbird 128.11 (bmo#1924108)\n","id":"SUSE-SU-2025:01769-1","modified":"2025-05-30T09:30:30Z","published":"2025-05-30T09:30:30Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2025/suse-su-202501769-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1243353"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-5263"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-5264"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-5265"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-5266"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-5267"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-5268"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2025-5269"}],"related":["CVE-2025-5263","CVE-2025-5264","CVE-2025-5265","CVE-2025-5266","CVE-2025-5267","CVE-2025-5268","CVE-2025-5269"],"summary":"Security update for MozillaFirefox","upstream":["CVE-2025-5263","CVE-2025-5264","CVE-2025-5265","CVE-2025-5266","CVE-2025-5267","CVE-2025-5268","CVE-2025-5269"]}