suse · CVE-2014-1595

Quick triage

Priority: medium Published: 2021-05-30 13:19:21 UTC Updated: 2026-04-18 18:42:39 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2014-1595 severity moderate: SUSE including 27 source package names (MozillaFirefox, MozillaFirefox-31.3.0esr-0.3.1, …), 141 product×package rows across 43 product lines (Image SLES12-SP5-Azure-BYOS, Image SLES12-SP5-Azure-Basic-On-Demand, … (43 product lines)): Fixed 110, Known Not Affected 31.

Description:

Mozilla Firefox before 34.0, Firefox ESR 31.x before 31.3, and Thunderbird before 31.3 on Apple OS X 10.10 omit a CoreGraphics disable-logging action that is needed by jemalloc-based applications, which allows local users to obtain sensitive information by reading /tmp files, as demonstrated by credential information.

cvelogic Threat Intelligence