logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2017-7808

Description

A content security policy (CSP) "frame-ancestors" directive containing origins with paths allows for comparisons against those paths instead of the origin. This results in a cross-origin information leak of this path information. This vulnerability affects Firefox < 55.


Affected Package


OS OS Version Package Name Package Version
Debian 999 firefox 102.0-1

Related