4 matches found
EUVD-2026-40526
Insufficient policy enforcement in Canvas in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
CVE-2026-13840
CVE-2026-13840 involves insufficient policy enforcement in Canvas within Google Chrome prior to version 150.0.7871.47, allowing a remote attacker to leak cross-origin data via a crafted HTML page. The vulnerability is described as a canvas policy enforcement issue, with high severity. The availab...
Amazon Linux 2 : thunderbird, --advisory ALAS2-2025-2999 (ALAS-2025-2999)
The version of thunderbird installed on the remote host is prior to 140.2.0-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2999 advisory. Improper Input Validation vulnerability in Mozilla neqo leads to an unexploitable crash..This issue affects neqo: fr...
MGASA-2025-0228 Updated thunderbird packages fix vulnerabilities
Use-after-free in FontFaceSet. CVE-2025-6424 The WebCompat WebExtension shipped exposed a persistent UUID. CVE-2025-6425 Incorrect parsing of URLs could have allowed embedding of youtube.com. CVE-2025-6429 Content-Disposition header ignored when a file is included in an embed or object tag...