View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2014-8637 severity moderate: SUSE including 82 source package names (MozillaFirefox, MozillaFirefox-102.11.0-150200.152.87.1, …), 160 product×package rows across 32 product lines (SUSE CaaS Platform 4.0, SUSE Enterprise Storage 6, … (32 product lines)): Fixed 129, Known Not Affected 31.
Mozilla Firefox before 35.0 and SeaMonkey before 2.32 do not properly initialize memory for BMP images, which allows remote attackers to obtain sensitive information from process memory via a crafted web page that triggers the rendering of malformed BMP data within a CANVAS element.