View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2015-4495 severity important: SUSE including 128 source package names (MozillaFirefox-102.11.0-150200.152.87.1, MozillaFirefox-115.10.0-150200.152.134.1, …), 319 product×package rows across 69 product lines (Image SLES12-SP5-Azure-BYOS, Image SLES12-SP5-Azure-Basic-On-Demand, … (69 product lines)): Fixed 301, Known Not Affected 18.
The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS before 2.2 allows remote attackers to bypass the Same Origin Policy, and read arbitrary files or gain privileges, via vectors involving crafted JavaScript code and a native setter, as exploited in the wild in August 2015.