91 matches found
SUSE CVE-2026-3846
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...
EUVD-2026-10505
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability affects Firefox 148.0.2...
CVE-2026-3846
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability affects Firefox 148.0.2...
CVE-2026-3846
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...
CVE-2026-3846
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...
UBUNTU-CVE-2026-3846
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...
CVE-2026-3846
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...
CVE-2026-3846 Same-origin policy bypass in the CSS Parsing and Computation component
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...
CVE-2026-3846
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability affects Firefox 148.0.2...
CVE-2026-3846
Same-origin policy bypass in the CSS Parsing and Computation component. This vulnerability was fixed in Firefox 148.0.2...
PT-2026-24212
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148.0.2 Description A bypass of the same-origin policy exists in the CSS Parsing and Computation component. This allows potentially malicious actors to circumvent security restrictions designed to isolate web pages fr...
Firefox -- Same-origin policy bypass
https://bugzilla.mozilla.org/showbug.cgi?id=2018400 reports: Same-origin policy bypass in the CSS Parsing and Computation component...
CVE-2026-20031
The CVE-2026-20031 entry describes a vulnerability in the HTML CSS module of ClamAV where improper handling of UTF-8 strings during HTML scanning can cause the scanner to terminate (DoS). Attack requires no authentication and can be triggered by submitting a crafted HTML file for scanning on an a...
ClamAV Cascading Style Sheets Image Parsing Error Handling Denial of Service Vulnerability
A vulnerability in the HTML Cascading Style Sheets CSS module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper error handling when splitting UTF-8 strings. An attacker could exploit th...
PT-2026-27390
Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149 Firefox ESR versions prior to 115.34 Firefox ESR versions prior to 140.9 Thunderbird versions prior to 149 Thunderbird versions prior to 140.9 Description A use-after-free issue exists in the CSS Parsing and...
EUVD-2019-0629
Malware in sbrugna...
Information Exposure
sanitize-html is vulnerable to Information Exposure. The vulnerability is due to the parsing of CSS through the style attribute without disabling source maps, which can allow attackers to infer the file system structure and dependencies of the server...
CVE-2023-48631
@adobe/css-tools versions 4.3.1 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS...
Adobe css-tools Input Validation Error Vulnerability
Adobe css-tools is a CSS parser/string generator for Node.js from Adobe USA. An input validation error vulnerability exists in adobe css-tools version 4.3.1 and earlier, which stems from being affected by incorrect input validation and may result in a denial of service when attempting to parse CS...
@adobe/css-tools Improper Input Validation and Inefficient Regular Expression Complexity
Impact @adobe/css-tools version 4.3.1 and earlier are affected by an Improper Input Validation vulnerability that could result in a denial of service while attempting to parse CSS. Patches The issue has been resolved in 4.3.2. Workarounds None References N/A...